IT systems are under continuous threat from more complex and evolving malware. Email attack remains the preferred route for cybercriminals, as email number increase year on year. In the last year there was an increase in Phishing attacks which became more targeted and malicious emails grew in numbers and complexity.
Emails dominate IT systems as the main source of communication regardless of the rising popularity of instant messaging technology for both commercial and consumer use. It is estimated that there are in excess of 190 billion emails in circulation each day, and this number is set to continue to rise. On average a business user will send and receive in excess of 40 emails a day and more mobile devices are being used to access this data. This is an enormous number and it is understandable why cybercriminal choose to attack emails to gain access to personal data.
It was estimated that more than half of inbound email is spam, with the advancement of spam filters the number of spam emails is the lowest since 2003. Spammers are however finding other ways to reach their audiences by using social networking sites and instant messaging platforms, both are very popular forms of communication with mobile devices.
In recent years Phishing campaigns have become easier for the scammer to operate. Phishing tools are available for scammers to purchase at a very low cost and they do not require a great deal of technical ability to use. Phishing attacks have reduced over recent years and were halved in 2015 compared to the previous year.
Malware that is distributed via email generally requires social engineering to convince the recipient to open the attachment and click on the link. These attachments can be disguised in various forms but have been very popular with fake invoices, office documents and sometimes password abuse notifications. Most malware attacks tend to exploit an unpatched vulnerability in the software application used to open the file; once the link has been activated it normally sends the recipient to a compromised website or drops something malicious onto their computer. Over 55% of malware file attachments in 2015 related to .doc file extension documents, so caution must be applied if a .doc file attachment is received from an untrusted source, delete the email immediately.
military grade security for emails is a vital tool in individuals and company armoury against malware attacks. Encryption helps protect the privacy of the message and can help to validate and authenticate the sender.
As far as cybercriminals are concerned they will continue to develop and create more complex forms of malware and will attack the weakest link in the process; and that it the users.