Ransomware only accounted for a small fraction of all malicious email content in Q4, according to the latest threat report from Proofpoint. The report highlighted that banking trojans were the most prevalent form of malicious payloads in email, making up 56% of all malicious content. This marked a significant shift, as remote access trojans (RATs) also saw a notable increase in usage, despite being less common in previous years.
Email continues to be the primary vector for malware distribution and phishing attacks, with email fraud, or business email compromise (BEC), on the rise. Interestingly, the volume of ransomware messages dropped significantly from Q2 to Q4, suggesting that attackers may be shifting their focus to other forms of malware that offer greater returns.
Sherrod DeGrippo, Proofpoint’s director of threat research and detection, noted in a recent podcast that ransomware has become less prevalent due to the complexity of using cryptocurrencies for payments. Instead, cybercriminals are turning to crypto-miners, attaching them to various types of malware such as banking trojans and RATs to maximize profits.
The report also highlighted a shift in the distribution of malicious content, with malicious URLs surpassing malicious attachments in Q4. Banking trojans, stealers, and downloaders accounted for over 90% of initial payloads, with the Emotet banking trojan being identified as a major threat. Emotet disguises itself as PayPal receipts or shipping notifications to trick users into downloading malicious files.
Ed Tucker, CISO and co-founder of Email Auth, Byte, and Human Firewall, emphasized the importance of evidence-based risk management in light of these findings. While ransomware remains a concern, businesses should be vigilant against a variety of threats and make informed decisions based on actual risks.
Overall, the threat landscape is constantly evolving, and businesses must stay informed and proactive in their cybersecurity efforts. Proofpoint’s report serves as a reminder that a comprehensive approach to risk management is essential in mitigating the impact of emerging threats.
Stay updated on the latest cybersecurity trends and insights at Infosecurity’s Online Summit on March 26-27. With sessions like “The Death of Ransomware: Long Live Other Malware” and “How To: Phish Your Employees,” attendees can earn CPE credits while learning how to protect their organizations from evolving cyber threats. Register now to secure your spot at this informative event.