As noted recently on Ride the Lightning, the blog of cyber security expert Sharon Nelson of Sensei Enterprises, Inc., the experts at FireEye have released a report showing the results of an analysis of email messages for harmful content.
The report found that more than 90% of cyber security related criminal incidents are effectuated via email, and nearly two-thirds of emails contain content which should be blocked - whether it's spam or something with malicious content. FireEye's analyzed more than 500 million emails sent in the first six months of 2018. Only about 10% of cyber attacks conducted with email constitute malware - those involving viruses, ransomware or spyware. The rest of the attacks include whaling (scams directed at C level executives), spear fishing (targeted social engineering attacks), impersonation, and fraud. The April tax deadline season is the occasion for attacks which attempt to access W2 forms. The organized crime group FIN7 (or the Carbanak Group) is known for planning impersonation email attacks.
Business email compromise (BEC) email attacks may only consist of ordinary text. It will be up to an end user to identify them as threats. Typosquatting and homoglyphs involve the use of friendly seeming domain names as a means of deception. (e.g., @yaho0.com).