Best Practices for Identifying Dangerous Emails

Disturbing Trends in Email Cyberattacks – the Statistics

Symantec’s 2018 Internet Security Threat Report makes for disturbing reading about malicious email trends:

  • The average user in the study by the end of 2017 had received 16 malicious emails a month
  • A new trend saw the number of malicious URLs (rather than malicious attachments) in emails increasing to 12 percent of malicious emails sent by cybercriminals
  • The Public Administration industry was hardest hit, with the average user receiving approximately 53 email viruses a month
  • Medium-sized enterprises (1,001 to 15,000 employees) appeared to be the largest target, with one in 244 emails containing malware. In this size business, one in three emails received by the average user had a virus.

What Is Malware?

MALicious softWARE is harmful code designed to damage your computer and/or steal your personal information. It includes viruses, worms, spyware, Trojans, bugs, bots, ransomware and rootkits.

Malware can end up on your computer in many ways, due to browsing the Internet or using a detachable device that contains malware. When it comes to email, a machine can be infected when a user opens a malicious attachment or follows a bad link. It’s smart not to click on an email until you’re absolutely sure it isn’t an attack; but the bad news is that preview panes automatically open emails for previewing, which could still lead to infection, so it’s best to switch this feature off before checking anything.

What Are the Dangers of an Email Attack?

Fraudsters use multiple email methods to gain access to a victim’s machine or get them to part with personal information. Here are a few:

Malicious Attachments

Ransomware and other insecure programs are downloaded onto a victim’s computer via an email attachment. A keylogger, for example, monitors users’ movements such as the keys they press (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Penny Hoelscher. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/CHIWmz987mE/