Old Threats, new highs, Response based emails increase in quarter 2

In keeping up with the Q2 threats that were talked about as part of the report, Phishlabs talks about the fact that response-based email is going up.

This post is more in the corporate world, so consumers may not necessarily see these types of attacks, but we should know about them anyway.

With that being said, one of the headings may concern every single one of us. That is, credential threats such as stuffing and theft in general. The first paragraph of this section of the article says:

In Q2, Credential Theft incidents contributed to the majority of email-based threats, representing 54.5% of volume. Although Credential Theft activity declined 4.2% from Q1, it continues to be the top email threat to corporate users.

With that said, we may be targets if we don’t pay attention to what is out there.

Office365 is a great target, says the article. It is up 17 percent from last report. The paragraph talking about office365 says:

Attacks targeting Office 365 accounts are climbing, up 17.7% compared to Q4 2021. O365 incidents represented nearly 60% of all Credential Theft phishing attacks that contained a link, reaching a six-quarter high in share and volume. Account credentials associated with collaboration applications and tools are valuable assets to criminals, who use stolen login information to access multiple machines within a network. Malicious attachments such as Docuphish made up 15% of Credential Theft attacks, declining 5.2% from Q1.

Under response based email, the first paragraph talks about scams like the advanced fee scam “419” or the Nigerian Prince scam. I talked about getting such an email some time back when someone on twitter who ended up getting suspended sent me such an email..

That story, as sad as it was, was a message just asking me to email a particular address. I asked why, and I was just told to do it.

The 419 scam works like this. Someone claims they have millions stuck somewhere and they’re on the verge of dying, or having trouble keeping the money in the country. They want you to take a majority of the money, but for you to get it, you need to pay some type of fee.

Advanced-Fee Scams (419) represented the top Response-Based threat-type in Q2, contributing to more than 54% of share of volume. Advanced-Fee Scams are consistently the most reported threat-type within the group and so far have increased 3.4% in 2022.

Continuing, that section says:

Despite demonstrating a slight decline in share, hybrid Vishing attacks were the second most reported Response-Based threat type, increasing 625% from Q1 2021 to Q2 2022. This represents a six quarter high in volume. Hybrid Vishing emails use a unique combination of email lure and mobile number within the body to convince victims to call a fake representative. Once the parties engage, the victim submits their personal information, believing it is being received by a legitimate and familiar business.

This is the biggest stat I want to highlight and you heard in podcast 364’s audio that covered the report. I mentioned it both on the box and Throwback’s hour of security, and everyone just doesn’t know what to say about this one.

It puts every other number to shame, and that, i just don’t know what to say. While the vehicle calls seemed to have dropped, other types of phone calls might come to you. Nick told me that he got one by Amazon about some order that he never even ordered from them as an example.

I could continue to take this article apart, but I’ll leave you with that big stat, and if you’re interested to read more, the article again is titled Old Threats, New High: Response-Based Emails Increase in Q2 and it comes again from our good friends at Phishlabs.

Please take the time to read this article, some of it might affect you. Thanks so much for reading, participating and learning with us.

If you haven’t downloaded podcast 364 which covers the threat trends and intelligence report, go over to our podcasts category and find the blog post to download your copy. Its a must listen to podcast if you want to keep yourself as safe as possible and not be a statistic. Thanks Phishlabs for putting on these reports, and we’ll see you next quarter for q3. Its going to get very interesting.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.