Malicious URL attacks returned with a vengeance. Ransomware reigned supreme. And fraudsters worked aggressively to impersonate trusted brands in email, social media and the web. Those are just a few of standout trends we saw in the third quarter within our global customer base and in the wider threat landscape.
- Malicious email volume soared 85% from the prior quarter, propelled by an explosion of malicious URL attacks.
- Ransomware remained the top malware category, accounting for almost 64% of all email malware attempts across our global customer base.
- Banking Trojans represented 24% of all malicious email volume, with a strain called The Trick accounting for 70% of that total.
- Email fraud attempts rose 29% over the previous quarter.
Exploit kits and web-based attacks
- Traffic from exploit kits (EKs) held steady but at levels a mere 10% of its 2016 peak.
- The RIG EK accounted for 76% of all EK activity. Attackers are layering social engineering schemes into their EK campaigns.
- Suspicious domain registrations outnumbered defensive registrations 20 to 1.
- Defensive registration of brand-owned domains fell 20% vs. the year-ago period. Suspicious domain registrations grew 20%.
- Fraudulent support accounts, used for so-called “angler phishing,” doubled from the year-ago quarter.
- The number of fake customer support accounts grew 5% over the previous quarter while the volume of phishing links on branded social channels rose 10%.