Written on 17/07/2023

photo: Newmarket Heath - unchanged in 400 years, and probably will remain so for the next 400 - beyond the reach of automation


Email is the main route threat actors use to spread their malicious campaigns since 2022.  It was used by 55% of the cases according to Trend Micro.

The cybersecurity company has indicated in its report 'Email Threat Report: Cybercriminal Tactics and Techniques that Organisations Should Know' that it blocked more than 146,000 million threats directed at its clients over the past year.  Trend Micro blocked more than 79.9 billion threats in 2022 from email alone, of which 39.9 million were high-risk and managed to bypass the native filters of 'email' providers, as indicated by the Trend Micro Cloud App Security (CAS) platform, which detects attacks already in progress and infiltration attempts by criminals.

The company commented that newly created, zero-hour software is more difficult to identify and defend against.  Trend Micro's research also refers to so-called Business Email Compromise (BEC) attacks that target company employees to divulge confidential information.  The number of attacks detected that were using Artificial Intelligence (AI) amounted to 138,894.   That will be a growth area next year.  AI tends to democratise cybercrime to the point that it allows inexperienced malicious actors to make convincing scripts.

Finally, the company has commented on credential phishing attacks.  These come from stolen email accounts that cybercriminals have accessed once they have deciphered their access codes.  According to Trend Micro records, 22 million phishing emails came from this source.

Extraordinary numbers. 

You need to follow the ABC procedure:

    A = assessment of the risk.

    B = best practices to address the risk.

    C = conformity assessment for monitoring and maintenance.

All news