13 email threat types to know about right now
- Logic180 Security Team
- Sep 9, 2022
Updated: Sep 10, 2022
In today’s rapidly evolving environment, traditional email security solutions aren’t enough to protect businesses anymore. You must also effectively defend against sophisticated email threats that are often able to bypass defenses by using backdoor techniques, including spoofing, social engineering, and fraud, to penetrate networks and wreak havoc.

Fighting increasingly complex email attacks
The email and phishing threats faced by organizations today vary greatly in complexity, volume, and the impact they have on businesses and their employees. There are a number of distinct categories of email threats:
• Spam: These are unsolicited, high-volume messages generally of a commercial nature, which are sent without regard to the recipient’s identity.
• Malware: This is software specifically designed to cause damage to technical assets, disrupt operations, exfiltrate data, or otherwise gain access to a remote system. Malware is usually distributed through email attachments or URLs leading to malicious content.
• Data Exfiltration: These types of attacks occur when data is copied or retrieved from a remote system without the owner’s consent. It can occur maliciously or accidentally.
• Phishing: These emails attempt to trick an end user into believing the message is from a trusted person or organization to get them to take an action like disclosing credentials, wiring money, or logging into a legitimate account on an attacker’s behalf.
• Impersonation: This category includes any attack where the malicious actor pretends to be a person, organization, or service. It’s a broad superset of attacks that usually go hand in hand with phishing.

A total of 13 email threat types fall into these categories. Some of these attacks are used in conjunction with others; hackers often combine various techniques. For example, many spam messages include phishing URLs, and it’s not uncommon to see a compromised account be used in internal or lateral wire fraud.
Here's a look at the top 13 email threat types:

Spam is unsolicited bulk email messages, also known as junk email. Spammers typically send an email to millions of addresses, with the expectation that only a small number will respond to the message. Spammers gather email addresses from a variety of sources, including using software to harvest them from address books. The collected email addresses are often also sold to other spammers.
Malware: Cybercriminals use email to deliver documents containing malicious software, also known as malware. Typically, either the malware is hidden directly in the document itself, or an embedded script downloads it from an external website. Common types of malware include viruses, Trojans, spyware, worms, and ransomware.
Data exfiltration is the unauthorized transfer of data from a computer or other device. It can be conducted manually via physical access to a computer or as an automated process using malicious programming on the internet or a network. Attacks are typically targeted, with the objective of gaining access to a network or machine to locate and copy specific data. In addition to malicious attacks, data is frequently lost accidentally due to human error.
URL Phishing: In phishing attacks, cybercriminals try to obtain sensitive information for malicious use, such as usernames, passwords, or banking details. With URL phishing, cybercriminals use email to direct their victims to enter sensitive information on a fake website that looks like a legitimate website. URL phishing is also known as fake websites and phishing websites.
Scamming: With email scamming, cybercriminals use fraudulent schemes to defraud victims or steal their identity by tricking them into disclosing personal information. Examples of scamming include fake job postings, investment opportunities, inheritance notifications, lottery prizes, and fund transfers.
Spear phishing is a highly personalized form of an email phishing attack. Cybercriminals research their targets and craft carefully designed messages, often impersonating a trusted colleague, website, or business. Spear-phishing emails typically try to steal sensitive information, such as login credentials or financial details, which is then used to commit fraud, identity theft, and other crimes. Cybercriminals also take advantage of social-engineering tactics in their spear-phishing attacks, including urgency, brevity, and pressure, to increase the likelihood of success. Spear phishing is also known as whaling and laser phishing.
Domain impersonation is often used by hackers as part of a conversation-hijacking attack. Attackers attempt to impersonate a domain by using techniques such as typosquatting, replacing one or more letters in a legitimate email domain with a similar letter, or adding a hard-to-notice letter to the legitimate email domain. In preparation for the attack, cybercriminals register or buy the impersonating domain. Domain impersonation is also known as typosquatting and lookalike domains.
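The two tricks described above (a similar-looking letter swapped in, or a hard-to-notice letter added) can be screened for on inbound mail. The following sketch is an added example, not code from the original article; the protected domain list, the confusables table, and the function names are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed allow-list: domains the organization really corresponds with.
PROTECTED = {"example.com", "examplebank.com"}

# Illustrative ASCII confusables (lookalike -> intended); not exhaustive.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s")]


def skeleton(domain):
    """Collapse visually similar sequences so lookalikes compare equal."""
    s = domain.lower()
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header, protected=PROTECTED):
    """Classify the From header's domain against the protected list."""
    _, at, domain = parseaddr(from_header)[1].lower().rpartition("@")
    if not at or not domain:
        return ("unparseable", None)
    if domain in protected:
        return ("exact", domain)
    for legit in sorted(protected):
        if skeleton(domain) == skeleton(legit):
            return ("lookalike-homoglyph", legit)  # similar-letter swap
        if edit_distance(domain, legit) <= 1:
            return ("lookalike-edit", legit)  # one letter added/changed/dropped
    return ("unrelated", None)


if __name__ == "__main__":
    # Constructed From headers for demonstration.
    for hdr in ["Pat <pat@example.com>", "Pat <pat@examp1e.com>",
                "billing@exarnple.com", "ap@examplle.com", "news@partner.org"]:
        print(hdr, "->", check_sender(hdr))
```

A lookalike verdict is a signal to quarantine or banner the message for review; Unicode and internationalized-domain homoglyphs need a fuller confusables table than the ASCII pairs used here.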
Brand impersonation is designed to impersonate a company or a brand to trick their victims into responding and disclosing personal or otherwise sensitive information.
Extortion scams, including sextortion, are increasing in frequency, becoming more sophisticated, and bypassing email gateways. In sextortion attacks, cybercriminals leverage usernames and passwords stolen in data breaches, using the information to contact and try to trick victims into giving them money. The scammers claim to have a compromising video, allegedly recorded on the victim’s computer, and threaten to share it with all their contacts unless they pay up. Extortion is also known as sextortion.
In Business Email Compromise (BEC) attacks, scammers impersonate an employee in the organization in order to defraud the company, its employees, customers, or partners. In most cases, attackers focus their efforts on employees with access to the company’s finances or personal information, tricking individuals into performing wire transfers or disclosing sensitive information. These attacks use social-engineering tactics and compromised accounts, and they often include no attachments or links. BEC is also known as CEO fraud, CFO fraud, employee impersonation, whaling, social engineering, and wire transfer fraud.
Conversation hijacking: Cybercriminals insert themselves into existing business conversations or initiate new conversations based on information they’ve gathered from compromised email accounts to steal money or personal information. Conversation hijacking can be part of an account-takeover attack. Attackers spend time reading through emails and monitoring the compromised account to understand business operations and learn about deals in progress, payment procedures, and other details.
Lateral phishing: Attackers use recently hijacked accounts to send phishing emails to unsuspecting recipients, such as close contacts in the company and partners at external organizations, to spread the attack more broadly. Because these attacks come from a legitimate email account and appear to be from a trusted colleague or partner, they tend to have a high success rate.
Account takeover is a form of identity theft and fraud, where a malicious third party successfully gains access to a user’s account credentials. Cybercriminals use brand impersonation, social engineering, and phishing to steal login credentials and access email accounts. Once the account is compromised, hackers monitor and track activity to learn how the company does business, the email signatures they use, and the way financial transactions are handled. This helps them launch successful attacks, including harvesting additional login credentials for other accounts. Account takeover is also known as account compromise.