06/25/2019 | Press release | Distributed by Public on 06/25/2019 06:20
FireEye research reveals a26% increase in malicious URLs using HTTPS, a 17% rise in phishing attempts, a significant increase in file-sharing service exploitation, and new impersonation techniques
MILPITAS, Calif.--(BUSINESS WIRE)--Jun. 25, 2019-- FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today released the results of its Q1'19 Email Threat Report. After analyzing a sample set of 1.3 billion emails, FireEye found increases in three main areas: spoofed phishing attempts, HTTPS encryption in URL-based attacks,and cloud-based attacks focused on publicly hosted, trusted file-sharing services.
In the report, FireEye observed several important trends:
Payroll: This new variant targets an organization's Payroll department with an email requesting changes to an executive's personal data, such as bank details, with the objective of diverting an executive's salary to a third-party account.
Supply Chain: This new variant targets the Accounts Payable department by impersonating an email from a trusted supplier (instead of the CEO or senior executive) to re-route a fraudulent payment to a third-party account.
'Threat actors are doing their homework. We're seeing new variants of impersonation attacks that target new contacts and departments within organizations,' said Ken Bagnall, Vice President of Email Security at FireEye. 'The danger is these new targets may not be prepared or have the necessary knowledge to identify an attack. Unfortunately, once the fraudulent activity is discovered, the targeted organization thinks they've paid a legitimate invoice, when the transaction was actually made to an attacker's account.'
Methodology and Resources
The FireEye Email Threat Report is the result of FireEye's analysis of a sample set of 1.3 billion emails from January through March 2019. For more information about the latest malicious content delivery tactics, impersonation techniques, and URL based attacks, download the full FireEye Email Threat Report at https://www.fireeye.com/offers/rpt-email-threat.html
The company's extensive knowledge of the threat environment and attacker tools and techniques enables FireEye Email Security to detect and protect organizations from the advanced email threats other solutions miss. For a free email analysis, visit www.fireeye.com/email
About FireEye, Inc.
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,900 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.
© 2019 FireEye, Inc. All rights reserved. FireEye and Mandiant are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20190625005007/en/
Source: FireEye, Inc.