According to one cybersecurity firm’s data, launching messaging attacks had become more popular than distributing malware, among two other trends
Leveraging its threat analysis of its protection ecosystem including more than 1.7bn messages per day across 42,000+ customers globally, a “human risk management platform” has released some threat trends and findings for the first half (H1) of 2024.
First, the data showed that messaging attacks have been evolving, with hackers favoring malicious links over malware to deliver payloads to victims’ systems, correlated with the year-on-year surge in malicious links detected in the firm’s global metrics (133% in the Q1 2024 and 53% in the Q2 2024) globally.
The H1 data for the Asia Pacific region (APAC) showed a similar trend, with more malicious links being reported in Q1 2024 Q1 as compared to that of Q1 2023. The messaging attacks involve more layers of links, providing some obfuscation from detection, while requiring more interaction from victims, including clicking through more links and responding to CAPTCHAs and false multi-factor authentication requests — to increase potential victims’ confidence that the messages are from a legitimate source. In H1, file-sharing services, including SharePoint and Google Drive, have also been popular ways of hosting intermediate documents that link out to credential harvesting pages.
Other findings
Next, the top targeted industries in APAC in the first half of 2024 were travel; hospitality and catering; and professional services, which saw an increase of more than twice the recorded “threats per user” index of Q1 2023 compared to Q1 this year. Overall, The banking, arts and entertainment, and travel and hospitality industries experienced the most malicious URL messages in Q2 2024, while the IT consulting and legal professional services sectors encountered the most spam and impersonation messages.
Third, the data showed that small- and medium-sized enterprises in H1 2024 continued to be prime target for cyberattackers, with a recorded spike of over 80 threats per user (TPU) in Q2 2024 for such businesses in APAC. In Europe, impersonation attacks dominated threats in the ecosystem, while spam accounted for most of the attacks recorded in the Africa user ecosystem.
According to Stanley Hsu, Regional VP (Asia), Mimecast, the firm that released its H1 findings, organizations can “achieve significant cost efficiencies while ensuring robust protection against emerging threats” by optimizing email security and securing office collaboration tools.
