You can now access the content by clicking the button below.Download whitepaper
We’re seeing a rise in phishing attacks against cloud-based email services such as Microsoft Office 365 as an increasing number of companies transition to the more cost-efficient cloud solutions. Email has been, and remains as, the primary initial attack vector used by attackers to infiltrate an organization’s server.
Email remains as the primary initial access vector used by attackers – with 94% of malware being delivered via email.
Almost 50% of all malicious attachments are found to be Office Documents with hidden macros, scripts and other exploits, which upon activation, will download additional payloads, such as ransomware and RAT. The rest are commonly through Windows Apps (26%) and other, such as archives and .js files (22%).
According to recent research by Gartner, "by 2021, Gartner expects 70% of public and private companies to be using cloud email services."
There is already an increasing number of organizations transitioning to the more cost-efficient cloud-based solutions such as Microsoft Office 365. Along with this transition is a parallel uptick in attackers seeking to compromise a user’s email account as the organizations’ emails and other valuable data migrate along with them. To date, over 80% of compromises is driven and enabled by credential theft.
In this case, cyber criminals know that you are expecting emails relating to COVID-19. Criminals can increase the effectiveness of their email attacks by mimicking a familiar authority, using urgency and exploiting the globally felt fear due to the current situation.
Malicious actors may use existing, real, materials as bait to encourage people to perform a risky action such as click a link or open an attachment. A favourite tactic is to hide executables in archive files attached to emails. It is critical that users look at the sender of an email and examine any links contained within it before taking action. By mid April 2020, Google reported an average of 18 million COVID-19 phishing emails that were sent out via Gmail in a day.