Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Malware-less Email Attacks Increasingly Common, FireEye Finds

    Written by

    Sean Michael Kerner
    Published September 12, 2018
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      FireEye released its first half of 2018 Email Threat Report on Sept. 12, finding that most of the email its security systems have analyzed were potentially at risk.

      The analysis is based on a sample set of over half a billion emails that FireEye examined from January to June 2018. Only 32 percent of email traffic seen by FireEye was considered to be “clean,” meaning it had little or no risk and was delivered to user inboxes. However, just because an email isn’t considered to be clean doesn’t mean it has malicious intent. According to FireEye, only one in every 101 emails was determined to have malicious intent.

      “Not only is email the most pervasive form of communication, it is also the most popular vector for cyberattacks,” Ken Bagnall, vice president of email security at FireEye, wrote in statement. “This makes email the biggest vulnerability for every organization.”

      Bagnall’s statement is backed up by FireEye’s data, which found that email is the point of entry for 91 percent of all cyber-attacks. 

      In terms of how the percentage of clean email was determined by FireEye, there are both connection and content level indicators of threat that were considered. Fifty-eight percent of emails were blocked at the connection level, where abnormal email traffic is identified based on a managed block list of compromised IP addresses and known malicious domains. An additional 10 percent of emails were blocked at the content level, due to malicious attachments, malware URLs or impersonation detection.

      Malware-less Attacks

      Impersonation attacks include Business Email Compromise (BEC), which is an email attack where an organization is tricked into paying a fraudulent invoice. According to a recent report from the FBI, BEC attacks have claimed $12.5 billion in global losses since October 2013.

      FireEye considers impersonation and BEC to be a class of attack it refers to as malware-less—that is, there is no executable virus or file that is directly associated with the attack. According to the report, 90 percent of all email attacks blocked by FireEye in the first half of 2018 were malware-less, with only 10 percent containing some form of malware, including ransomware, viruses or spyware.

      Looking deeper into what makes up malware-less email, FireEye reported that phishing attacks accounted for 81 percent of the blocked malware-less email, with 19 percent coming from impersonation attacks.

      Email Attack Timing

      While email attacks can and do come at any time of the day, any day of the week, FireEye noticed a number of timing trends.

      According to the report, Friday is the most common day for an impersonation attack. Other forms of malware-less email attacks were more likely to occur on a Thursday. For malware-based email attacks, Monday and Wednesday were the most common delivery days.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and writer for several leading IT business web sites.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×