Only 32 per cent of email traffic seen by FireEye was thought-about to be clean, which means it had very little or no risk and was delivered to user inboxes. FireEye released its first half of 2018 Email Threat Report on this week, finding that almost all of the e-mail its security systems have analyzed was doubtless in danger.
The analysis is predicated on a sample set of over 0.5 billion emails that FireEye examined from Jan to June this year. But, simply because an email is not measured to be clean doesn’t mean it is malicious intent. Only one in each 101 emails was resolute to own malicious intent, according to FireEye.
In terms of how the proportion of unpolluted email was resolute by FireEye, there are each association and content level indicators of hazard that were considered. 58 per cent of emails were barren at the association level, wherever abnormal email traffic is recognized supported a managed block list of compromised IP addresses and famed malicious domains. A further 10 per cent of emails were blocked at the content level, owing to malicious attachments, malware URLs or impersonation detection.
FireEye considers impersonation and BEC to be a group of attack it refers to as malware-less that is, there’s no possible virus or file that’s directly related to the attack. As per the report, 90 per cent of all email attacks blocked by FireEye in the mid of 2018 were malware-less, with solely 10 per cent containing some variety of malware, together with ransomware, viruses or spyware.
While email attacks will and do come back at any time of the day, any day of the week, FireEye detected a variety of temporal order trends. Looking deeper into what makes up malware-less email, FireEye reportable that phishing attacks accounted for 81 per cent of the blocked malware-less email, with 19 per cent coming from impersonation attacks.