Russian companies have started to receive more emails with malware in attachments

In 2024, the share of emails with malware in attachments in corporate email traffic will increase almost 3.5 times compared to 2023. This follows from the data of specialists of BI.ZONE CESP service, which were reviewed by Izvestia on January 30.

In a company with 1,000 employees who regularly use email, every day at least one of them received a message with an encryptor, styler or other malware in an attachment (0.12% of traffic), the experts noted.

In addition, there were more messages with phishing links. As a result of a 25% increase, they are found on average in one email out of 100 (1%).

At the same time, according to analysts, the share of spoofing (messages with forging the sender's address) fell by 42%: in 2023, to forge the sender's address tried in every 200th message, and in 2024 - in every 350th. As explained in the service, specialized mail protection tools effectively detect such mechanics, so attackers are changing tactics: now they are increasingly trying to gain access to legitimate email accounts and make attacks on their behalf. The growing share of emails with phishing links is part of this trend: most of these links lead to a fake webmail login page. If the user fills out the form, the criminal will receive the login and password from the corporate account.

Confuse the Networks: software failures at the end of the year were most frequently recorded in retail and logistics

Difficulties arise from the departure of software vendors and increased attacks, experts say

According to experts, in the mail of industrial companies, a message with spoofing, VPO or phishing link was found in one case out of 16, medical organizations - in one case out of 36, telecommunication companies - in one case out of 48. In some industries, letters from these categories are less common: for example, in the traffic of IT and financial organizations, only six or seven such messages out of 1,000 were recorded.

"Phishing links, malicious attachments and sender address spoofing are the most serious email threats, but they are not the only ones. A significant amount of unwanted traffic is spam, as well as bot attacks that can overload the mail server, reducing its performance to such an extent that it stops receiving messages," said Dmitry Tsarev, head of cloud cybersecurity solutions at BI.ZONE.

According to him, the total number of unwanted emails of different categories regularly exceeds the number of legitimate messages, and 2024 was no exception. He emphasized that it is important for companies to pay attention to multi-layered protection of the email channel to cut off both targeted mailings and mass attacks.

To counter email threats, the experts recommended training employees in the principles of digital hygiene, using anti-virus solutions, regular training attacks and the use of specialized email security tools.

Earlier, on January 13, it was reported that 65% of the analyzed companies in Russia have a low level of security. Attacks on them can cause critical damage, lead to the interruption of key business processes and financial losses. This is stated in the results of a study by the information security company "Bastion".