Malicious content in e-mails go up by 250 per cent: Report

Threat report exposes threat campaign, examines shifts in attacker tools, tactics and processes

FORCEPOINT Apr 27th 2016 A-A+

Malicious content in email increased 250% compared to 2014, driven largely by malware and ransomware, according to a global threat report released by Forcepoint, a security technology company. The report said that there is a continuing convergence of email and web attack vectors as nine out of ten unwanted emails contain one or more URLs and millions of malicious macros are being sent. Other top findings of the report include: the United States hosts more phishing websites than all others countries combined; Ransomware focus is sharpening, targeting countries, economies and industries where a high ransom is more likely to be paid; “Insiders” – malicious and accidental – represent the biggest threat to company security and the one for which businesses feel least prepared; advanced evasion techniques are gaining in popularity and are combining multiple evasion methods, such as IP fragmentation and TCP segmentation, to create new ways to bypass access controls, attack watering holes and disguise traffic

 The report also analyzed the impact of a brand new botnet campaign that Forcepoint is calling “Jaku” that was discovered as a result of a 6-month investigation by Forcepoint’s Special Investigations (SI) team, inconsistencies in security control between cloud providers and enterprises among other things.

 “The rapid evolution of the cyber threat environment has consequences that are much broader than just technical, operational, and financial – they can impact every piece of a business,” said Forcepoint Chief Scientist Richard Ford.  “With this threat report, we want to demystify these threats and help enable businesses with tools, recommendations and, quite simply, knowledge, so they can continue to move forward without fear.”

  The threat report can be downloaded at