Pierluigi Paganini May 12, 2023

Email-based threats have become increasingly sophisticated, how is changing the Email Security Landscape?

For over a decade, email has been a common source of cybersecurity threats. During that time, email-based threats have become increasingly sophisticated. What started as notes from Nigerian princes that needed large sums of money to help them get home has evolved into bad actors that use refined social engineering tactics to convince the receiver to unknowingly share important information. It’s not likely to stop there.

Recently, VIPRE Security Group published their Email Security in 2023 report, where they shared insights on the development of email-based threats and how they can impact organizations. What follows is an overview of some of the key findings from the report and some of the thing’s businesses can do to protect their employees and data.

Email Threats Are Becoming More Sophisticated

There are a number of ways that email can be leveraged to compromise the security of an organization, but the most prominent approach is phishing. In a phishing attack, an individual receives an email from a sender that seems legitimate with a request to share information, log into a system, or click a link. In this email, the bad actor pretending to be the sender may nefariously capture the individual’s authentication details or prompt a malicious download that then compromises the system. At this point, the bad actor has access to the information they were after.

Today, according to the Verizon 2022 Data Breach Investigation Report, phishing is one of the leading five tactics used to initiate data breaches. It’s a trend that’s growing. In 2022, email phishing attacks made up 24% of all spam emails — up from 11% in 2021. Given that phishing requires a relatively low lift for attackers, and has a fairly decent rate of return for them, it’s no surprise that there has been an increase in this trend.

The prevalence of phishing attacks has been bolstered by a number of risk factors, including:

• Insider threats whereby disgruntled or compromised employees leverage their position in the company to get access to certain items. They can use their corporate email and their insider knowledge to make requests to others using social engineering.
• Domain compromise, where attackers compromise a website or newly registered domain to create seemingly legitimate communications and links.
• Phishing-as-a-Service has emerged as a model that’s standardizing the underground economy and making it easier for bad actors to access phishing and hacking services.
• QR code spoofing. Bad actors are starting to leverage QR codes as part of their email phishing tactics, largely because of how comfortable people got with them over the pandemic.
• Domain warming, a process through which someone creates a positive reputation for a domain so that its emails don’t get flagged as spam. Bad actors use the domain until it starts getting blocked, and then move onto the next one.

What Can We Expect in 2023?

As part of their report, the team at VIPRE made three predictions for the email security landscape this year.

#1 There will be more remote work-based attacks. Since remote work relies significantly on email as a form of communication, the statistical chance of a successful phishing attack only goes up. In addition, there is also a number of collaboration tools — like Asana, Slack, and Teams — that leverage email as a verification method, and that could be compromised.

#2 The “as-a-Service” economy is going to keep growing. Cybercriminals are finding out that they don’t need to be technical experts to execute their campaigns anymore. Now they can hire a team to do it for them. The potential of this growing space is dangerous, and companies need to stay on their toes.

#3 Small businesses are at risk. As bad actors opt for a more agile and efficient approach, they’re turning their attention to “easy” targets: small businesses. As large enterprises focus more on security, they are getting harder to penetrate, and smaller companies require less effort to infiltrate. This ultimately makes them more valuable to hackers.

Being aware of the threats is an important first step, but organizations need to also be well-positioned to protect themselves from these activities.

What Companies Can Do to Protect Themselves

Just as the email threat landscape has evolved over the last decade, the same is true for email security. Today, companies have a wealth of options to choose from when it comes to strengthening their email security posture. These include:

• Implementing a layered email security strategy that accounts for different types of phishing attacks and dissuades bad actors from attempting an attack.
• Investing in behavioral-driven analytics so that they can quickly identify any red flags and respond to a behavioral anomaly before it causes any real impact.
• Securing data in transit to avoid sensitive data being captured in email responses. This can be done using encryption.
• Deploying email-specific security controls that go beyond traditional security methods, such as dynamic crawl abilities.
• Protecting all endpoints by building a comprehensive security posture and reviewing all files, processes, and network activity proactively.
• Training users to be more aware. Education is a key element in building a culture of security, so it’s vital to get employees onboard when rolling out new standards and policies.

There’s no time like the present to get started with these strategies. Investing in best-in-class systems now will ensure that you’re keeping pace with the ongoing evolution of email threats and keeping your company protected.

About the author

Ali Cameron is a content marketer that specializes in the cybersecurity and B2B SaaS space. Besides writing for Tripwire’s State of Security blog, she’s also written for brands including Okta, Salesforce, and Microsoft. Taking an unusual route into the world of content, Ali started her career as a management consultant at PwC where she sparked her interest in making complex concepts easy to understand. She blends this interest with a passion for storytelling, a combination that’s well suited for writing in the cybersecurity space. She is also a regular writer for Bora.

We are in the final!

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini

Please nominate Security Affairs as your favorite blog.

Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Email Security Landscape)