Given the growing volumes of emails received every day, people do not have the time to devote to every email and fall prey to email threats. This has made emails the most popular attack vector. So, what are the common email threats today? Read on to find out.
13 Email Threats to Know About and Protect Against Now
85% of all emails are spam, making spam one of the most prevalent email threats facing organizations today. Also known as junk email, spam is unsolicited bulk email typically sent to millions of email IDs in the hope that a percentage of the recipients will respond to the message.
Attackers leverage spam to send out fraudulent messages, spread malware, push scams, trick users into sharing sensitive information or conduct other email frauds. They cost organizations USD 20.5 billion every year by flooding inboxes, impacting server traffic, and eroding productivity.
According to data, 92% of all malware is delivered via email by attackers. Malware is malicious software designed to intrude, exploit, and damage systems, devices, networks, services, applications, etc. Some common malware types are viruses, spyware, worms, Trojan horses, and ransomware.
As an email security threat, attackers may embed malware within documents, downloads, links within the email, or scripts that download malware from an external site.
- Ransomware Email Threats
Ransomware, a vicious type of malware, uses asymmetric encryption to prevent organizations from accessing data by blocking systems/ networks/ applications until the demanded ransom is paid. Attackers often use email to deliver ransomware and cripple an organization completely. In 2021, 90% of ransomware was delivered using phishing emails and had a 21-day average downtime. Ransomware email threats cost organizations billions of dollars each year.
- Email Phishing Attacks
Email phishing attacks are another common email threat facing organizations. By masquerading as legitimate entities, attackers send emails that coax unsuspecting users into doing the attacker’s bidding. Email phishing is used to gain access to credentials and sensitive information, steal money, make users download malware, make purchases, etc.
The common types of email phishing attacks:
- URL Phishing
- Spear Phishing
- Lateral Phishing
Email scamming is when attackers create and send emails containing fraudulent schemes to trick unsuspecting victims into disclosing sensitive information, transferring funds, etc.
Scammers typically appeal to people’s sympathy, charity, fear, or greed to make them fall for the scam. Examples of scamming include fake lottery prizes, investment opportunities, job postings, offers, inheritance notifications, etc.
- Data Exfiltration
Data exfiltration is an email threat wherein attackers engage in unauthorized data transfer between devices/ systems. Typically done using automated malicious programming, data exfiltration is targeted and seeks to gain access to networks/ devices/ systems to copy and transfer data.
- Business Email Compromise
One of the most financially damaging email threats, business email compromise exploits the fact that the bulk of personal and professional business happens over email today. The attacker impersonates an employee of an organization to deceive a company, its employees, partners, or customers. Since the email is from a legitimate source, the victims are tricked into doing the attacker’s bidding.
- Domain Impersonation
Domain impersonation is where attackers impersonate legitimate domains, typically through typosquatting: changing one or more letters in the email domain or adding a hard-to-notice letter to the domain name. The seemingly legitimate domain names with easy-to-miss changes make these highly impactful email threats.
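One way a mail filter could flag such lookalike sender domains, shown as an added example that is not part of the original article. The trusted-domain list, the substitution table, and the function names are assumptions made for illustration.

```python
# Added example: flag sender domains that imitate a trusted domain.
# TRUSTED and CONFUSABLES are constructed for illustration, not a complete list.
from email.utils import parseaddr

TRUSTED = {"example.com", "example-bank.com"}
# Common visual substitutions, mapped to the character they imitate.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}


def skeleton(domain: str) -> str:
    """Collapse look-alike characters so 'examp1e' and 'example' compare equal."""
    d = domain.lower()
    for fake, real in CONFUSABLES.items():
        d = d.replace(fake, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment: insert, delete, substitute, adjacent transpose."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify(from_header: str, max_distance: int = 1):
    """Return (verdict, imitated_domain) for a From: header value."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in sorted(TRUSTED):
        if skeleton(domain) == skeleton(good):
            return ("lookalike-homoglyph", good)  # e.g. digit 1 standing in for l
        if edit_distance(domain, good) <= max_distance:
            return ("lookalike-typo", good)       # one letter added, dropped or swapped
    return ("unknown", None)
```

A "lookalike" verdict is a reason to quarantine or banner the message for review, not proof of fraud, since two legitimate domains can also sit one edit apart.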
- Brand Impersonation
Here attackers impersonate a well-known brand to coax victims into doing their bidding. Service impersonation and brand hijacking are common forms of brand impersonation.
- Conversation Hijacking
Using information gathered through compromised email accounts, attackers insert themselves into existing business communications or start new email conversations to steal personal and sensitive business information in conversation hijacking attacks. These email security threats are usually used as part of account takeovers.
- Account Takeover
Having gained user credentials through social engineering, brand impersonation, or phishing, the attacker engages in identity theft and fraud in account takeovers. Attackers closely monitor compromised accounts to understand how the business functions and how email signatures are used before launching successful attacks.
In this type of email threat, attackers gather information about victims, contact them claiming to have compromising personal information or videos, and blackmail them into paying the demanded money. The volume, complexity, and sophistication of extortion campaigns, including sextortion, are rising. However, these email threats typically go unreported owing to their embarrassing and sensitive nature.
- Browser Exploit Kits
Attackers leverage browser vulnerabilities to exploit email accounts and perform identity theft, data leaks, etc. For instance, attackers can leverage a link in the browser exploit kit containing abused code to exploit emails.
Moving Forward… Protecting Against Email Threats
Usually, modern email gateways can filter out most email threats such as spam, scams, and malware. But multiple layers of email threat protection such as next-gen WAFs, sandboxing, behavioral analytics, and so on are necessary to stop threats even before they reach the inbox.