Email Threats Remain Top Attack Vector, Spike 101%

Bangalore – Trend Micro Incorporated (TYO: 4704; TSE: 4704) blocked over 33.6 million cloud email threats in 2021, a 101% increase from the previous year. This stark increase in attacks proves email remains a top entry point for cyber-attacks.

“Each year we see innovation in the threat landscape, and an evolution of the corporate attack surface, but each year email remains a major threat to organizations,” said Vijendra Katiyar, Country Manager, India and SAARC, Trend Micro. “The best shot defenders have at mitigating these risks is by taking a platform-based approach, to shine a powerful light on threats and deliver streamlined prevention, detection, and response without limits.”

Credential Phishing Attack Detections
Based on Trend Micro Cloud App Security data, 6,299,883 credential phishing attacks were detected and blocked in 2021, which accounts for a 15.2% overall increase. Similar to last year, the number of known credentials phishing attacks is greater than the unknown ones. However, in 2022, the percentage of increase is at a staggering 72.8%.

When comparing 2020 and 2021’s numbers, Trend Micro saw an 8.4% increase in the number of detections for known credential phishing links, while a 30% growth is observed in the number of detections for unknown credential phishing links.

The data was collected over the course of 2021 from products that supplement native protection in collaboration platforms such as Microsoft 365 and Google Workspace.

 Malware Detections
The Trend Micro Cloud App Security solution detected and thwarted a total of 3,315,539 total malware files in 2021. More urgently, this number represents an increase of a whopping 196% from 2020’s numbers. There were also huge spikes in both known and unknown malware detections in 2021 at 133.8% and 221%, respectively.

Ransomware Detections
Ransomware detections continued to decline by 43% year-over-year. This could be because attacks are becoming more targeted, along with Trend Micro’s successful blocking of ransomware affiliate tools such as Trickbot and BazarLoader.

BEC Detections
Business email compromise (BEC) detections also fell by 11%. However, there was an 83% increase in BEC threats detected using Trend Micro’s AI-powered writing style analysis feature, indicating that these scams may be getting more sophisticated.

The Trend Micro Cloud App Security solution intercepted a total of 283,859 BEC attacks in 2021. Compared with 2020’s BEC detections, this number represents a 10.61% decrease. Interestingly, there is an 82.7% increase in this year’s BEC attacks that were detected using Writing Style DNA, while there is a 38.59% decrease in attacks that have been blocked using the antispam engine.

Overall, BEC numbers have consistently been on a downward trend since 2020. But the reduction in BEC victims doesn’t equate to a dip in cybercriminal profits. According to the FBI’s IC3, BEC accounted for US$2.4 billion in adjusted losses for both businesses and consumers in 2021. According to the same organization, BEC losses have reached over US$43 billion between June 2016 and December 2021 for both domestic and international incidents.

Trend Micro, a global cybersecurity leader, helps with the safe exchange of digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. The platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.