In our first half (1H) of 2012 Advanced Threat Report, we looked at various factors related to email-based attack trends, including exploit vector type (e.g., link/attachment), domain frequency, and attachment polymorphism. With the holiday season starting back up, we’ll refocus our attention on all the corresponding threat data collected quarter-to-date for 2012. To be clear, these statistics reflect the number of malicious attachments seen after initial SPAM and anti-virus filtering across our customer deployments, who share intelligence back to us.
Compared to earlier this year, we’ve seen a significant increase in the rate of malicious attachments in the past two months alone.
For starters, we knew email-based attacks would increase around the start of September. Why? Because in 2011, these types of attacks occurred around the same time and were 1,353% above the average. That said, it’s surprising that this year, we see a 1.5x increase from 2011 to 2012 at 2,042% above the average! Based on this evidence, it appears that the end of August and beginning of September mark the first yearly tsunami of email attacks, with more (but likely smaller) waves expected around major holidays for the rest of the year.
Therefore, if you were a CIO or CISO, when do you think would be the best time to conduct security awareness training regarding email-based threats in your organization? Based on this repeat pattern, I would recommend starting early July or August. Specifically, waiting until October is likely not as effective, when defending against this type of threat. Read More