Email Security Trends 2022 | CyberNcrypt
What Is Email Security?
The techniques and technologies used to safeguard email accounts and communications. Email, the largest attack surface of an organization, is the primary target of phishing attacks and can be used to spread malware.
Email is an integral part of organizational communication because it enables users to communicate quickly, easily, and on a variety of devices. Additionally, email can be used to send a variety of media types, and communications can be tracked, stored, and organized based on attributes such as time and date stamps and file size.
Email is one of a company’s largest attack vectors due to the fact that it contains sensitive information, is used by all employees, and therefore contains sensitive information. The transition to cloud-based email services like Gmail and others has several advantages, but cloud-based email has become an attractive target for cybercriminals. So email security is very important from an organizational security perspective.
The studies reveal that phishing URLs and malicious documents are becoming increasingly prevalent in email security.
The majority of malicious emails contained a phishing URL used to steal credentials or lure victims into downloading malware. Emails containing malicious documents, such as Microsoft Office or PDF files, are the second most common type of attack. These documents contain macros that function as downloaders or exploits, giving the attacker control of the victim’s system. The emails contain malicious executables such as information-stealing programs and trojans also cause serious damage.
Major Exploits
The majority of exploits are distributed as malicious RTF files, Microsoft Office documents with weaponized OLE objects, PDFs infected with Adobe Reader exploits, or malicious JS scripts. The top three file formats are windows rtf, the most recent office format, and the legacy role office formats.
| RTF | 50.76% |
| CVE-2017-11882 | 15.7% |
| CVE-2012-0158 | 12.84% |
| CVE-2017-0199 | 17.94% |
| CVE-2014-1761 | 5.8% |
| CVE-2017-8759 | 4.41% |
| Office | 31.25% |
| CVE-2017-11882 | 23.84% |
| CVE-2017-0199 | 3.05% |
| CVE-2017-8570 | 1.7% |
| OLE | 17.99% |
| CVE-2017-11882 | 12.74% |
| CVE-0201-20158 | 4.16% |
