New Symantec Report: 1 in 9 Email Users Encountering Malware
New Symantec Report: 1 in 9 Email Users Encountering Malware
Today, Symantec published new findings on the email threat landscape indicating a continued increase of malware encounters. The report may also serve as helpful information for future stories on the topic.
Email is everywhere and cyber attackers are taking advantage. For example, we’ve seen a fake Google Docs phishing scam spread across the world earlier this year. Symantec’s ISTR special report outlines how email users are vulnerable to a variety of threats.
Key findings in the Email
Threats 2017 paper include:
• Email is the most commonly used infection vector.
• On average, one out of every nine email users have encountered malware in the first half of 2017.
• Approximately 8,000 businesses each month are targeted by Business Email Compromise (BEC) scams. A targeted organisation is sent five BEC emails in a given month.
• The spam rate for the first half of 2017 reached 54 percent (after bottoming out over the last two years), and is expected to continue to climb as the year progresses.
Users
encounter threats through email twice as often as other
infection vector
Summary: The latest ISTR special report, Email Threats 2017, casts a light on a threat landscape where attackers are actively spreading malicious threats, BEC scams, and a variety of spam through email.
In our latest ISTR special report, Email Threats 2017, we describe how people are more than twice as likely to encounter threats through email than any other infection vector. In fact, one out of every nine email users will have had a malicious email sent to them in the first half of 2017. And the likelihood rises further depending on which industry the user works in. For instance, if the user is in Wholesale Trade, as they likely would in the scenario outlined above, that ratio climbs to one out of every four users.
But email with malicious code isn’t the only threat out there. Business email compromise (BEC) scams are another continuing threat. These are scenarios where a scammer impersonates someone along the lines of an executive within your company, or another person of power within the supply or administrative chains, and attempts to get users to wire money or share sensitive information with them.
It’s an attack that’s proven quite lucrative for scammers—the FBI estimates over US$5 billion has been stolen through these scams between late 2013 and the end of 2016. According to our latest analysis, we see approximately 8,000 businesses targeted by BEC scams in a given month. On average these businesses receive more than five BEC scam emails each month.
Spam also continues to be an email annoyance as well. While the spam rate has been in a slow but steady decline since 2011, our latest research has discovered that the spam rate may have bottomed out and is now beginning to climb again. In fact, the spam rate for the first half of 2017 hit 54 percent, which equates to around 11 more spam emails in your inbox each month compared to a year ago.
Once again, these rates are much higher in some industries. For instance, our friends in the Wholesale Trade industry can see twice as much spam as the average user would. But they’re not alone, as other industries, such as Manufacturing, Retail Trade, Construction, and Mining — all industries that can also be targeted by campaigns such as the one above — saw spam rates that were all 1.5 times above the average.
Email is one of the most popular tools for communication, but this ubiquity has also made it a hotbed full of scammers looking to wreak havoc. These are just a few of the insights uncovered in our latest ISTR special report. You can download your copy of Email Threats 2017 now to read about more risks on the email threat landscape and what you can do about it.
ENDS