Email continues to be an extremely effective vector for delivering malicious content because of how adept attackers have become at tricking users over the years.
The latest examples include the increasing use of malicious URLs in emails rather than attachments, a trend toward use of HTTPS domains for hosting malicious sites, and new variants of impersonation fraud.
FireEye recently analyzed a sample set of 1.3 billion emails for the first three months of 2019 and counted more URL-based email attacks than attachment-based ones in the first quarter.
URL attacks involve emails with embedded links pointing to a malware download site or a phishing site designed to steal a user’s account credentials or credit card data. Emails containing such links are often harder to detect and block than ones with malicious attachments, according to FireEye.
In many cases, attackers have been embedding such links in emails with very little or no content in them in an attempt to bypass email filters and to try and get the recipient curious enough to click on the link. According to FireEye, there was a spike in the number of content-less emails in January. Sometimes the emails have contained nonclickable URLs that are activated when a user copies and pastes it into a browser, the vendor noted.
Read more: Dark Reading