Proofpoint experts countedthat 85% of all mail spam sent in the second quarter of 2019 (April, May and June) contained links for downloading malicious files, but not attachments with the files themselves.
Researchers write that in this way, the second quarter continues the trend of the first, when malicious URLs also dominated as the most popular way to distribute malware through email. This trend proves that using links, malicious campaign operators receive more clicks and infections compared to the classical technique of attaching files to emails. Obviously, users have become distrustful of any attachments in the mail.
It is also worth noting that in previous report Proofpoint reported that 99% of all email-based cyberattacks require human interaction. That is, the goal must open files, click on links or perform any other actions.
Other findings from the latest Proofpoint report released this month read:
- In 57% of cases, spammers use domain spoofing.
- Botnets have become the most popular malware distributed through spam campaigns; they accounted for 37% of all emails.
- The botnets are followed by banking Trojans (23%), data theft software (16%), malware downloaders (8%), remote access trojans (6%) and backdoors (5%).
- As in previous quarters, ransomware activity was practically not recorded in the second quarter.
- Ursnif malware accounted for 80% of all banking Trojans sent by email. It is followed by URLZone, The Trick and Dridex.
- In the first place in the ranking of data theft software is Pony, followed by AZORult, Loki Bot and Formbook.