
In 2024, the email threat landscape intensified as attackers deployed more sophisticated, stealthy, and persistent methods against organizations worldwide.
Trend Micro, in a new report, confirmed that “email remains the primary attack vector,” with phishing, malware, ransomware, and Business Email Compromise (BEC) incidents all increasing.
According to the report, the volume of high-risk email threats detected and blocked jumped by 27% year over year, from over 45 million in 2023 to nearly 57 million in 2024.
This rise underscores the use of advanced tactics to evade defenses, especially through QR-code-based phishing — or “quishing” — which embeds malicious QR codes in email attachments disguised as legitimate login or verification prompts.
Shifts in Malware, Ransomware, Phishing, and BEC Attacks
Email-delivered malware also shifted significantly. The report notes, “detections of known malware increased by 47% compared to 2023,” indicating that attackers relied more on proven malicious code.
In contrast, “unknown malware detections declined by 39%, reflecting improvements in defensive capabilities and rapid classification of emerging threats.”
Ransomware activity remained high, with detections steady at about 63,000 incidents. Notable ransomware campaigns in 2024 included the use of tools like EDRKillShifter to bypass security controls and deploy malware more effectively. Attackers were also observed favoring high-impact, targeted campaigns over widespread attacks.
Phishing and malicious URL detections rose by more than 20% year over year. The report states that advanced sandboxing detected “211% more malicious URLs, showcasing the growing complexity of attackers’ methods, including delayed payloads and dynamic redirects.” Credential phishing rose by 36%, while overall phishing incidents climbed by 31%, highlighting intensified efforts to steal login credentials.
BEC attacks also escalated, aided by AI-generated deepfakes and advanced impersonation. The report states, “BEC incidents rose 13%, while detections of impersonation fraud using authorship analysis surged by 77%.” Notably, “the average wire transfer amount per BEC attack nearly doubled in the last quarter of 2024, reaching $128,980.”
Recommended Security Measures for Organizations
To effectively counter the evolving email-based threats highlighted in the report, organizations should implement the following security measures to strengthen their defenses and reduce risk:
- Optimize security settings to receive alerts on misconfigurations.
- Promptly verify and investigate risky events by engaging device or account owners.
- Disable or secure risky accounts by resetting passwords and enabling multi-factor authentication (MFA).
- Apply the latest patches and updates to operating systems and applications without delay.
- Employ AI-based analysis techniques, such as behavioral and visual anomaly detection, to identify impersonation and deception.
- Implement sandboxing and URL time-of-click inspection for files and links to detect delayed or dynamic threats.
- Monitor and manage lookalike or suspicious domains as part of a domain protection strategy.
- Adopt a defense-in-depth approach across email, endpoints, identities, cloud, and governance for comprehensive protection.