In today’s volatile threat landscape, it can seem overwhelming to try to keep track of every threat and the likelihood that it could endanger your business. Cybercrime is at an all-time high, with a new cyberattack launched every 39 seconds – and 80% of those cyberattacks are phishing. Phishing is the most dangerous risk every business faces and the root of many emerging threats. In the recently published report The State of Email Security 2021, we mapped out likely future threat scenarios about the cybersecurity dangers that are worth watching. These emerging threats should be on every company’s radar.
Are you protected from phishing? Use our domain checker to find out! CHECK NOW>>
Ransomware defense has to be at the top of every IT professional’s priority list. The US Cybersecurity Infrastructure Security Agency (CISA) has raised the alarm about the growth of ransomware year-over-year, and data bears that alarm out. Ransomware attacks have jumped more than a 300% in a year-on-year comparison. A stunning one in four attacks that IBM Security X-Force Incident Response remediated in 2020 were caused by ransomware. It’s also the favored weapon for mounting infrastructure attacks and nation-state cybercrime.
Ransomware practitioners are continually evolving to keep up that momentum. As cybersecurity professionals find new ways to block their schemes, ransomware creators have to make changes to get past new defenses. Targeted ransomware is the new trend, and it is exploding. In this style of attack, bad actors don’t craft a spear phishing email designed to appeal to many targets; instead, they design a spear phishing email designed to lure in a few very specific targets, often executives or people with IT management or spending power in an organization in order to increase the likelihood that the message makes it through security and doesn’t raise suspicion, even in the target. It’s a similar approach to the one used to conduct business email compromise operations. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types.
Another popular variation is double extortion ransomware, the weapon of choice in over 50% of all ransomware attacks in 2020. That style is evolving too. New on the scene, triple extortion ransomware is beginning to gain popularity. Adding one more step to the traditional double extortion dance, triple extortion ransomware not only requires companies to pay for a decryption key and the return of their uncopied data, but it also includes a payment to avoid another damaging effect like a DDoS attack.
Add to your security team without adding to your headcount! LEARN MORE>>
Brand Fraud & Spoofing
Brand impersonation and spoofing was a major cybercrime player in 2020, and it looks set to continue that popularity in 2021. Brand impersonation shot up 81% in 2020 in a year over comparison. This surge reflects the complex sophistication used in the social engineering of today’s email threats. These attacks are often a combination of spear phishing, spoofing, and impersonation that take advantage of people’s tendency to gloss over routine or expected communications without looking for trouble, and that can be a disaster for businesses. According to the US Federal Bureau of Investigation (FBI) IC3 report, $217 million in business losses last year were the result of email spoofing.
Cybercriminals are quick to use trusted brands that would routinely send someone email to slip in their poisonous missives. Experts estimate that one of every 25 branded emails is a phishing attempt and point out Microsoft (43%) followed by Amazon (38%) as the most faked brands. Social media sites are part of this category as well. In angler phishing/brand fraud combination attacks, cybercriminals leverage the constant stream of routine update email that social media user receive to launch phishing attacks. In 2020, 43% of the most opened phishing messages purported to be LinkedIn.
Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>
More Email = More Risk
Increased email volume means an increase in phishing attempts. An estimated 8 of 10 organizations increased their email traffic in 2020, leading to a 64% increase in email threat volume. With email volume projected to remain high, email threats like these will continue to grow. In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email attacks in the next year, up from 59% in 2020 – and they’re probably right.
Graphus protects businesses from threats like these – even when they’re emerging threats. The smart AI gathers its own threat intelligence, so it’s not waiting for someone to tell it what to be on guard against or fuss with settings. It’s also not dependent on threat reports and patches to learn about new threats and start protecting your business from zero day attacks and unexpected new threat vectors. Graphus is always learning, refining your protection to meet the needs of your unique business.
Ransomware almost always arrives attached to a phishing email. Our TrustGraph technology catches 40% more phishing email than traditional solutions. Brand impersonation and spoofing schemes rely on social engineering to land. But our smart AI doesn’t fall for tricks. Instead, this powerful antiphishing guardian uses more than 50 points of comparison to adjudicate the authenticity of an email, preventing phishing messages from slipping through.
Don’t wait until your organization gets burned by one of these emerging threats. Employees can’t click on a phishing email that they never receive. Contact our solutions experts today and let’s put Graphus to work for you.