Security News > 2021 > September > 2 million malicious emails bypassed secure email gateways in 12 months

2 million malicious emails bypassed secure email gateways in 12 months
2021-09-22 03:30

Two million malicious emails bypassed traditional email defenses, like secure email gateways, between July 2020-July 2021, according to data from Tessian.

In this case, the malicious emails come from a trusted vendor or supplier's legitimate email address, and likely won't be flagged by a secure email gateway as suspicious.

While emails containing attachments were once a popular "Spray and pray" method to trick people into downloading malware, 24% of the emails flagged contained an attachment.

12% of malicious emails contained neither a URL or file - a sign that attackers are moving away from using typical indicators of an attack.

Researchers reveal that most malicious emails are delivered around 2 p.m. and 6 p.m. in the hopes that a phishing email, sent during the late afternoon, will slip past a tired or distracted employee.

The biggest spike in malicious emails immediately before and following Black Friday, a time when many people expect to receive a surge of emails touting deals.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/lNxaqpQ_4I4/