Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats — Mimecast
Mimecast's analysis reveals a 133% increase in malicious links in the first quarter of 2024 and a 53% increase in the second quarter compared to the same period in 2023. Hackers are using malicious links instead of pushing malware to deliver harmful payloads to victims' systems.
Cyber attacks now involve multiple layers of false information, requiring victims to interact more. They are forced to click through links, respond to CAPTCHAs, and engage with false multi-factor authentication requests.
During the first half of the year, Australian law firms were targeted with a campaign using confusing URLs in email messages to redirect users to a fake Microsoft login page where hackers attempted to steal credentials.
Mimecast, a leading global Human Risk Management platform, today published its Global Threat Intelligence Report 2024 H1, revealing malicious links and AI-driven bots in call centers to be among the greatest threats to cybersecurity defenses, with small businesses bearing the brunt of attacks.
The report analyzes the threat landscape during the first six months of 2024 and offers actionable steps for organizations of all sizes to improve cyber defenses. Key findings from the report include:
Threat actors link up
Messaging attacks continue to evolve, with hackers moving away from pushing malware to using malicious links as the preferred method of delivering payloads to victims' systems. In fact, Mimecast’s analysis found malicious links surged by 133% in the first quarter of 2024 and 53% in the second quarter, compared to the same period in 2023.
Attacks are increasingly employing multiple layers of false information requiring more interaction from victims, who are forced to click through links, respond to CAPTCHAs, and engage with false multi-factor authentication requests. Additional obfuscation layers allow these types of attacks to fly under the radar, gaining entry where malware would be denied.
During the first half of the year, a campaign targeting Australian law firms used confusing URLs in email messages to send users to an intermediate page on one of several collaboration platforms. Clicking on the link redirects victims to a fake Microsoft login page to access credentials.
AI-enabled scams emerge
More often attackers are using generative AI to create phishing templates. However, in one case, attackers targeted corporate employees by sending 380,000 emails with an attached PDF document. Clicking on the file opens the PDF in a web browser and displays a page hosted on an AI development service.
AI-driven attacks are not just impacting businesses. Attackers are increasingly targeting consumers by using Microsoft distribution lists to send mass emails that pass security checks and notify recipients of an imminent deduction or charge, prompting them to contact an AI bot call center to collect information. In May 2024, Mimecast detected more than 1.6 million email messages in this type of campaign.
Small businesses remain the prime target for cyber threats
As observed in the Q4 2023 report, small businesses experience the highest volume of cyber threats, Mimecast saw this peaking at 40 threats per user (TPU) in Q1 2024. Employees at both small and medium businesses continue to see more than twice the number of threats compared to users at large enterprises.
Analyzing businesses of all sizes, the average number of TPUs declined by about a third, dropping from 19 TPUs on average during Q4 2023 to 14 TPUs in the latest quarter (Q2 2024). The threats impacting large enterprises declined in the first quarter, but slightly jumped in the second quarter of this year.
“Email and collaboration tools are often seen merely as cost centers, but this overlooks their essential role in cybersecurity,” says Mick Paisley, Chief Security & Resilience Officer at Mimecast. “By optimizing email security, organizations can achieve significant cost efficiencies while ensuring robust protection against emerging threats. This approach is crucial not only for minimizing cyber risks but also for maintaining the productivity and safety of your organization.”
For more insights or to read the full report, please visit www.mimecast.com.