Anna Lazaricheva | Expert | Cybersecurity | Kaspersky
According to estimates by our experts, the average share of spam in global email traffic in 2023 was 45.60%. This deluge of unwanted emails not only clogs up inboxes, but also consumes a significant amount of time and resources.
On average, each year, employees spend between 5 and 18 hours sorting through spam, and when scaled to an organisation with hundreds of employees, this translates into huge amounts of lost productivity. Yet, the wasted time is just the tip of the iceberg.
The true peril lies in the hidden threats that spam can conceal. Phishing emails and malicious messages can lead to the loss of confidential data, posing severe financial and reputational risks for companies.
Given the diverse and evolving nature of email threats, it is crucial for business owners and managers to understand the various forms these threats can take. For instance, particularly inventive fraudsters may send phishing links or malicious files not in the first email, but attempt to start a dialogue first.
Below I examine the most prevalent and pressing email threats that we have observed and prevented over the years, shedding light on how they operate and the potential damage they can inflict on an organisation.
Phishing
Phishing emails are designed to deceive recipients into revealing sensitive information, such as login credentials or banking details. These emails often appear legitimate, mimicking trusted entities to lower the recipient’s guard.
Phishing attacks can lead to substantial monetary losses. Phishing emails can cause data breaches by tricking employees into revealing their login credentials. Once attackers gain access to a business’s systems, they can steal confidential information, including customer data, proprietary business information, and other sensitive materials.
Phishing typically spreads through links embedded in the email text or within attachments, often PDF or HTML files. An HTML attachment can even be a phishing page itself. Additionally, phishing links can be presented as QR codes within the email.
Fraudsters use a wide variety of tactics to convince users to click on phishing links. The themes and strategies they employ can be extremely diverse, making it difficult to strictly categorise them. This diversity makes phishing a persistent and adaptable threat that requires constant vigilance.
Nowadays, the most topical and popular themes are as follows:
Notifications
Often these are warnings about the need to urgently confirm an email account or any other service. There may also be other notifications, such as a claim that important messages are stuck and have not arrived in the inbox.
Example of notifications about suspended emails. To fix the issue and read the emails, the recipient is asked to click on a phishing link that looks like an official account sign-in page
Business correspondence
Another pretext to open a phishing link is a document sent to the user, which can be viewed and downloaded by following the link provided in the message. These documents can vary greatly: invoices, delivery notes, or purchase orders.
Shipping and delivery
In the context of shipping, phishing emails often contain a deceptive link that the victim is urged to click, ostensibly to read a shipping document, as described above. However, the pretext for clicking the link can also be the need to confirm a delivery of goods that is currently pending, for instance, due to an incorrectly specified delivery address or a lack of delivery information. These messages are often sent on behalf of well-known international companies such as DHL or DPD.
Vishing
Voice phishing, or vishing, is a type of phishing that aims to extract sensitive information or money through telephone communication.
In terms of email threats, vishing involves fraudulent emails that prompt recipients to call a phone number to resolve a fake issue. Typically, these numbers are listed either in the email text or in attached DOC or PDF files.
Notification from PayPal about suspicious activity involving a transaction. If the user did not make the transaction, they need to call the provided phone number to request a refund
BEC
Business Email Compromise (BEC) attacks are highly targeted and sophisticated, aiming to trick specific individuals within an organisation into making unauthorised financial transactions or divulging confidential information.
The fraudster’s initial goal is to convince the victim to respond to their message, initiating a dialogue. This allows the fraudster to build trust and manipulate the victim into performing actions that are harmful to the targeted worker’s company. This gradual process of engagement often makes the attack harder to detect until significant damage has been done.
Often, the sender’s field contains the name and surname of a high-ranking individual in the targeted company, such as the CEO. However, the sender’s email address is typically suspicious, not being a corporate email but rather an unknown address, often with a free email domain.
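The sender-field mismatch described above can be checked mechanically. The following is an added example, not code from the article or from any Kaspersky product; the executive names, corporate domain and free-mail list are hypothetical sample data.

```python
import re
from email.header import decode_header, make_header
from email.utils import parseaddr

# All three tables are hypothetical sample data for this example.
CORPORATE_DOMAINS = {"example.com"}
FREE_MAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com"}
EXECUTIVES = {"jane doe": "CEO", "john smith": "CFO"}

def name_key(display_name):
    """Decode RFC 2047 encoded words and normalise 'Doe, Jane' to 'jane doe'."""
    text = str(make_header(decode_header(display_name)))
    if "," in text:
        last, first = text.split(",", 1)
        text = f"{first} {last}"
    return " ".join(re.findall(r"[^\W\d_]+", text.lower()))

def check_sender(from_header):
    """Return findings for a From header whose display name is an executive."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    role = EXECUTIVES.get(name_key(display))
    findings = []
    if role and domain not in CORPORATE_DOMAINS:
        findings.append(f"display name matches the {role}, "
                        f"address domain {domain} is not corporate")
        if domain in FREE_MAIL_DOMAINS:
            findings.append("address uses a free email domain")
    return findings

if __name__ == "__main__":
    # Constructed From headers, not taken from real traffic.
    for header in ['Jane Doe <jane.doe.ceo@gmail.com>',
                   '"Doe, Jane" <jd@partner.example.net>',
                   'Jane Doe <jane.doe@example.com>']:
        print(header, "->", check_sender(header))
```

A check like this only covers exact name matches after normalisation; lookalike spellings of a name need fuzzy matching on top.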
Malware
Malicious emails are messages that, as a rule, contain harmful attachments or links. When opened or clicked, these can download malware onto the recipient’s device, leading to data breaches and system damage.
Malware can spread in various ways. Typically, we encounter emails with malicious attachments, such as archives containing malware, for example, in the form of executable files or infected Microsoft Office documents. Additionally, these emails may contain download links, which can be found both in the body of the email and in attached files (PDF, DOC). Fraudulent schemes in malware emails tend to be less varied than in phishing emails. Generally, the user is prompted to open and download a document. So, in other words, the main fraudulent method here is disguising malicious messages as business correspondence.
Notification from a well-known bank. The attachment is a malicious XLS file
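The attachment types named in the phishing and malware sections (HTML attachments that are themselves sign-in pages, archives containing executables, Office documents) can be triaged at the mail gateway or during analysis. The following is an added example, not code from the article; the extension lists are illustrative and the sample message is constructed with placeholder bytes. Legacy XLS and DOC files can also carry macros, which an extension check alone cannot tell.

```python
import io
import re
import zipfile
from email.message import EmailMessage
from os.path import splitext

# Extension lists are illustrative assumptions, not an exhaustive policy.
EXECUTABLE_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}
PASSWORD_FIELD = re.compile(r"<input[^>]+type\s*=\s*[\"']?password", re.I)

def triage_attachments(msg):
    """Return (filename, reason) pairs for attachments showing the signs above."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        ext = splitext(name)[1].lower()
        if ext in EXECUTABLE_EXT:
            findings.append((name, "executable file"))
        elif ext in MACRO_EXT:
            findings.append((name, "macro-enabled Office document"))
        elif ext in {".html", ".htm"}:
            if PASSWORD_FIELD.search(data.decode("utf-8", "replace")):
                findings.append((name, "HTML attachment with a password field"))
        elif zipfile.is_zipfile(io.BytesIO(data)):
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                for member in archive.namelist():
                    if splitext(member)[1].lower() in EXECUTABLE_EXT:
                        findings.append((name, f"archive contains {member}"))
    return findings

def build_sample():
    """Constructed message; every attachment holds placeholder content only."""
    msg = EmailMessage()
    msg.set_content("Please review the attached documents.")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("order_details.pdf.exe", b"placeholder")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="order.zip")
    msg.add_attachment('<form><input type="password" name="p"></form>',
                       subtype="html", filename="signin.html")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename="report.xlsm")
    msg.add_attachment("meeting at 10", filename="notes.txt")
    return msg

if __name__ == "__main__":
    print(triage_attachments(build_sample()))
```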
Email attacks are faced by all types of organisations but are especially dangerous to small and medium businesses.
Fraudsters continually develop new techniques to deceive recipients and bypass security measures, causing reputational risks, data breaches, and financial troubles. This relentless evolution requires an equally persistent response strategy.
In conclusion
We are committed to staying ahead of these threats by continuously improving our detection methods. By leveraging advanced technologies, we provide high-level protection against email threats while maintaining a minimal rate of false positives. Our ongoing efforts ensure that businesses can operate with greater confidence and security in an increasingly digital world.
To avoid the negative consequences of spam and email threats, we recommend organisations take the following steps:
- Switch on the anti-spam or junk email function in your mail service if there is no dedicated solution as an add-on. This feature should decrease the spam flow.
- Educate employees to recognise spam and especially phishing emails by looking at such signs as the sender’s address, executable files or files with macros in attachments and calls to action. Only open attachments and click links if you are sure that you can trust the sender. When a sender is legitimate, but the content of the message seems strange, it is worth checking with the sender via an alternative means of communication. Specialised courses, such as our Automated Security Awareness Platform, can help.
- Implement dedicated protection for mail servers, such as our Security for Mail Server with a solid set of anti-phishing, anti-spam, and malware detection technologies.
- Use a reliable solution such as Next, available in three product tiers, to easily choose the tools a business needs right now and then switch up easily when needed.
Related FAQs: Hidden dangers lurking in my inbox
Q: What are some hidden dangers lurking in my inbox?
A: Your inbox can be a breeding ground for cyber threats such as phishing attacks, malicious software, and email scams that aim to steal your personal or financial information.
Q: How can I protect myself from cyber threats in my inbox?
A: It’s crucial to stay vigilant and implement protective measures like using strong passwords, being cautious of suspicious emails, and updating your antivirus software regularly.
Q: What is the role of a shield in email security?
A: A shield acts as an extra layer of security to safeguard your inbox from cybercriminals who try to infiltrate your system through harmful emails or attachments.
Q: Why is it important to explore topics related to cybersecurity?
A: Exploring cybersecurity topics enables you to understand the latest threats, vulnerabilities, and protective measures that can help you navigate the online world safely.
Q: How can I identify a malicious PDF or exploit in my inbox?
A: Be cautious of attachments or links in emails from unknown sources, as they may lead to harmful exploits or viruses that can wreak havoc on your system.
Q: What should I do if I suspect a hacker has gained access to my email?
A: If you suspect unauthorised access to your email, immediately change your password, analyse your account activity, and consider adding extra authentication measures for security.
Q: How can I protect myself from falling victim to phishing attacks in my inbox?
A: Be wary of unsolicited emails asking for personal or financial information, avoid clicking on suspicious links or attachments, and never disclose sensitive data to unknown sources.