Be careful when you click. That email might not be as innocent as it looks.
Analysis by security provider Mimecast found that between August to November and December to February, the number of emails delivered despite featuring a malicious URL increased by 126 percent.
These malicious links are one of the key methods cyber criminals use to conduct criminal campaigns: by distributing phishing emails which encourage users to click through to a link.
The emails are often designed to look like they come from legitimate senders — like a company, or a colleague — in order to gain the trust of the victim, before duping them into clicking the malicious link.
The purpose of the malicious URL could be to deploy malware onto the PC or it could encourage the victim to enter sensitive information into a fake version of a real service — like a retailer, a bank or an email provider — in order to trick the user into giving up passwords and other data.
Attackers then either use this as a jumping off point for further attacks, or they look to sell it to other cyber criminals on underground forums.
In total, Mimecast analysed 28,407,664 emails delivered into corporate inboxes which were deemed “safe” by security systems and found that 463,546 contained malicious URLs — the figure represents an average of one malicious email getting through for every 61 emails that arrive.
Given the sheer number of emails sent back and forth by employees every single day, that represents a significant security risk and a potential gateway for hackers looking to conduct malicious activity.
“Email and the web are natural complements when it comes to the infiltration of an organization. Email delivers believable content and easily clickable URLs, which then can lead unintended victims to malicious web sites,” said Matthew Gardiner, cybersecurity strategist at Mimecast.
“Cyber criminals are constantly looking for new ways to evade detection, often turning to easier methods like social engineering to gain intel on a person or pulling images from the internet to help ‘legitimize’ their impersonation attempts to gain credentials or information from unsuspecting users,” he added.
To read the original article: