Complex Made Simple

FireEye Email Threat Update: How Attackers are Getting Ahead in the Cloud

Bad actors are following where the money goes, with an arsenal of tools at their disposal

As companies migrate to the cloud, we see more attackers exploiting cloud services to perpetrate their attacks Microsoft- and Office 365-themed phishing attacks increase by 12% quarter over quarter, for 68% of all phishing detections. Entertainment/Media/Hospitality has stolen the number one spot from Financial Services, which dropped to number two

By Michael Hulton, Vice President & GM of Email Security at FireEye

Attackers are constantly adapting their tactics to get past email security defenses. Bad actors are following where the money goes, with an arsenal of tools at their disposal. That’s why as companies migrate to the cloud, we see more attackers exploiting cloud services to perpetrate their attacks.

Today at GITEX 2019, FireEye has released its latest email threat update. The analysis of more than 2 billion emails[1] is visually depicted within this new infographic.

Read Gitex: New Mimecast Report finds staggering increase in Business Email Compromise (BEC) attacks

To summarize, we have identified several significant themes:

  • Attackers Are Getting Ahead in the Cloud: As companies continue migrating to the cloud, bad actors are abusing cloud services to deploy phishing attacks. Some of the most common tactics include hosting Microsoft-themed phishing pages with Microsoft Azure, nesting embedded phish URLs in documents hosted on popular file sharing services, as well as establishing phishing URL redirects on popular email delivery platforms.

  • Microsoft Continues to Be the Most Popular Brand Used in Phishing Lures:A typical phishing email impersonates a well-known contact or trusted company to induce the recipient to click on an embedded link, with the ultimate goal of credential or credit card harvesting. During the evaluated period, FireEye saw Microsoft- and Office 365-themed phishing attacks increase by 12% quarter over quarter, as Microsoft continues to be the most popular brand utilized in phishing attacks, with 68% of all phishing detections.

Infographic: Successful email-driven content marketing strategies and tactics for today’s SMBs

  • Entertainment/Media/Hospitality Most Targeted Vertical: Q2 saw a shakeup in the most targeted vertical industries. Entertainment/Media/Hospitality has stolen the number one spot from Financial Services, which dropped to number two. Other highly targeted verticals for email-based attacks include Manufacturing, Service Providers, Telecom, State & Local Government, Services/Consulting, and Insurance.

More information on the changing email threat landscape, including the top ways attackers are evading detections is available at https://content.fireeye.com/one-email/ig-the-3-ts-of-email-attacks

[1] These findings are the result of FireEye analysis against a sample set of more than 2 billion emails from April through June 2019.