Email security threats are on the rise once more - are you protected?

A laptop showing lots of email notifications

(Image credit: Shutterstock)

The number of security threats coming through email is growing once again, according to new research from Trend Micro.

The company's latest report, based on data from products that supplement native protection along with platforms such as Microsoft 365 and Google Workspace, says more than 33.6 million blocked cloud email threats were blocked in 2021 - a 101% increase compared to the previous year.

Last year, the biggest surge was observed for emails carrying previously unidentified malware – 221%. Among known malware, email security services blocked 3.3 million malicious files, 134% more compared to 2020. For phishing, 16.5 million attacks were blocked, representing a 138% increase year-on-year. Credential phishing attacks rose 15%, to 6.3 million instances.

Ransomware on the decline

The silver lining in the news is the decline in ransomware detections. Year on year, the number of ransomware detected dropped 43%, the report states, with the authors suggesting the drop might have something to do with ransomware attacks becoming more targeted. Furthermore, Trend Micro became better at blocking some of the more popular ransomware affiliate tools, it said

Ransomware aside, business email compromise (BEC) detections also dropped by 11%, but only for the threats detected with the help of traditional tools. Trend Micro’s AI-powered writing style analysis feature helped detect 83% more BEC threats, suggesting that the scammers might be getting more sophisticated.

> This could be a super-easy way to spot spam emails

> Beware - that email from HR might be a cyber scam

> 12 things you should know about email, spam and file attachments

For Trend Micro, this is a clear indication that email continues to be the most popular attack vector for threat actors targeting endpoints everywhere.

“Each year we see innovation in the threat landscape and an evolution of the corporate attack surface, but each year email remains a major threat to organizations,” said Jon Clay, the company's vice president of threat intelligence.

“The best shot defenders have at mitigating these risks is by taking a platform-based approach, to shine a powerful light on threats and deliver streamlined prevention, detection and response without limits.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.