You receive an email, you are unfamiliar with the sender's name or email address, and they are offering you a new service or deal on something. Is it malicious? Not necessarily. Perhaps you forgot about signing up for a newsletter a while back.
Malicious vs. Benign
According to Symantec, 5.5% of business emails are classified as spam. With the average business account receiving around 104 emails per day, this creates significant potential for employees to misreport messages.
While some spam messages may still contain malware or other malicious content, this statistic underscores the importance of a strong security awareness training program to help employees better distinguish between routine spam and genuine threats.
Reported Email Types
Legitimate email
It happens all the time. An unfamiliar email gets reported, but it is actually legitimate. Between scams encouraging wire transfers, the overabundance of spam, and the occasional forgetful person, legitimate emails do get reported. Without a monitoring process in place, these emails may end up in a black hole, leading to missed information or opportunities.
Spam
Spam emails often outnumber legitimate messages in our inboxes. While these aren't typically malicious, they can still slip past filters just like phishing emails. Platforms like Gmail offer a “Report Spam” button, while Outlook provides options to mark messages as junk or, with a bit more effort, report them as phishing. Some organizations also include a dedicated “Report Phish” button, which can lead to an increase in misreported spam. Fortunately, most of these messages end up in the email black hole and few will be missed.
Phish
Based on our data, phishing attacks are the most frequently reported type of email. This reflects both the effectiveness of employee training programs and the persistent nature of phishing as a threat. Despite increased awareness, these attacks remain a constant tactic used by cybercriminals.
To better understand why phishing continues to be so impactful, it’s important to recognize that many other types of threats are commonly delivered through phishing emails, including:
419 Scam
419 scams, often associated with the infamous “Nigerian Prince” scheme, can take many forms. These messages typically involve emotional appeals or claims from supposed government officials or businesspeople, all promising a large payout in exchange for a small upfront wire transfer. The story usually goes: once you send the money, they’ll use it to access a larger fortune and reward you generously, which, of course, never happens. While most arrive via email, these scams can also be delivered through faxes or physical letters.
Payload link
A payload link takes a bit more hands-on work from the user, but it is still an effective attack. While newer technology helps to curb this, older versions of Microsoft Office are particularly vulnerable due to the use of macros. First, the user opens an email and downloads or opens an attachment. The document then says something along the lines of needing to enable macros so that you can see the content, and once they are enabled the payload does its intended damage. The same types of attacks are also now being employed on mobile devices.
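For a reported message like the one described above, a triage script can flag attachments able to carry macros before anyone opens them. This is an added example, not part of the original article; the addresses, filenames and sample message are constructed, and the function names are hypothetical.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container

def macro_findings(raw_eml: bytes) -> list:
    """Return (filename, reason) for each attachment that can carry macros."""
    findings = []
    msg = message_from_bytes(raw_eml, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if data.startswith(OLE_MAGIC):
            findings.append((name, "legacy OLE document, may contain macros"))
        elif data.startswith(b"PK"):  # OOXML files are ZIP archives
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    names = [n.lower() for n in zf.namelist()]
                if any(n.endswith("vbaproject.bin") for n in names):
                    findings.append((name, "OOXML with VBA project"))
            except zipfile.BadZipFile:
                findings.append((name, "corrupt ZIP container"))
    return findings

def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: a reported email carrying a tiny fake document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    msg = EmailMessage()
    msg["From"] = "billing@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please enable content to view the invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream",
                       filename="invoice.docm" if with_macro else "invoice.docx")
    return msg.as_bytes()

if __name__ == "__main__":
    for flag in (True, False):
        print(macro_findings(build_sample(flag)))
```

The check looks at file content rather than the extension, so a macro-enabled document renamed to .docx is still flagged.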
Ransomware
The cybersecurity world was rocked by the WannaCry ransomware attack, which impacted over 300,000 users globally. Victims were locked out of their Windows systems and told to pay a ransom in Bitcoin to regain access. WannaCry is just one example: ransomware comes in many forms and can spread through phishing emails, malicious websites, or by exploiting vulnerabilities in unpatched systems. These attacks continue to evolve, making vigilance and layered defenses more critical than ever.
DocuPhish
Paper contracts are still a thing, but digital signatures are just as common. DocuPhish builds upon this growing trend: attackers create fake replicated sites, HTTPS and all, in an effort to get you to sign over sensitive personal and financial information.
Business email compromise (BEC)
Business email compromise attacks are highly targeted email attacks that go after your C-suite or financial department. In many cases these emails are designed to look like a vendor request for payment, an invoice to be paid, or another previously approved relationship. Unfortunately, businesses fall for this attack on a regular basis, and training would be the biggest defense against it. To prevent BEC, all you need to do is verify the transfer internally or with the vendor.
Job scam
“Make money fast from home,” the email subject line reads. Sure, you knew that was a scam (hopefully), but there are numerous other types of job scam emails that are savvier. Emails can now easily be rebranded to look like they came from LinkedIn or any of the other job sites, all with the aim of taking you to a compromised or malicious site. Some email job scams will even go so far as to turn into a 419 scam.
Crimeware
Ever spotted an unfamiliar charge on your credit card statement? For many, this is an all-too-common experience, and one possible culprit is crimeware. Crimeware is a type of malware designed to steal financial, retail, and even sensitive business information, often operating silently in the background until damage is done.
Remote access trojan (RAT)
Remote access trojans, or RATs, are particularly nasty and can be dropped on your system through compromised software or through an email attachment. RATs act as a back door, allowing the attacker to do practically anything, from dropping a keylogger on your system, taking screenshots, and accessing all your files to even formatting your hard drive.