Check Point: 90% of enterprise attacks start with phishing emails

Corporate Information

industry

Just released

1825

collect

Introduction: The global population will send 330 billion emails every day in 2022, and according to Statista's forecast, this number will grow by 17.8% by 2026.

· The global population will send 330 billion emails every day in 2022, and according to Statista's forecast, this number will grow by 17.8% by 2026.

· Research from Check Point Software Technologies shows that 62% of malicious files were spread via email in the past 30 days, with PDF being the most common format at 59%.

Email is one of the most important technological innovations in modern times, revolutionizing the way we understand the world and reshaping business models. Since its advent in 1965, email has become one of the main communication tools indispensable in people's lives and work. According to Statista data,The number of email users will exceed 4.26 billion in 2022.The number of emails sent every day has reached 330 billion and is expected to grow by 17.8% by 2026. However, the technology’s widespread use also makes it one of the most vulnerable targets: according to Techopedia,More than 3.4 billion phishing emails are sent dailyleading to 90% of data breaches.

Today, the world's leading cloud AI network security platform provider Check Point® Software Technologies, Inc.(Nasdaq: CHKP) looks back at the evolution of email, using numbers to illustrate how email has grown into one of our primary communication tools, making it a key target for cybercriminals.Research from Check Point Software Technologies shows that more than 90% of current enterprise attacks begin with malicious emails. In the past 30 days, 62% of malicious files were spread via email, with 1 in every 379 emails containing such a malicious file, with PDF being the most common format at 59%.

According to third-party surveys, as of the end of 2023, there were approximately 5.28 million independent domain names for corporate email registered in China, and the number of active domestic corporate email users was approximately 190 million. my country's corporate email users have sent and received more than 779.8 billion emails of various types. Among them, normal emails accounted for 45.8%, ordinary spam emails 40.5%, phishing emails 7.4%, poisonous emails 5.8%, and other emails that did not send information accounted for about 0.42%. In terms of quantity, our country has become one of the main victims of phishing emails and malicious emails.

First email to AI generated phishing email

In 1965, a research group at the Massachusetts Institute of Technology (MIT) invented email. This was the first electronic messaging system for internal use, but the systems then were very different from today. In 1971, Ray Tomlinson invented email: a personal digital mailbox that could receive messages, with an infrastructure not too different from today's.

Email began being used as a business marketing method in 1978 when Gary Thuerk launched the first email marketing campaign. However, until the late 1980s, email was limited to business use. Microsoft Mail was the first program launched for users and added attachment options in 1992. Since then, other email addresses have been launched, including Microsoft Outlook in 1993, Hotmail, Yahoo Mail and Gmail in 1996.

Email has always been one of the most common ways of spreading malware, with major attacks such as Creeper or Happy99 causing heavy losses to businesses, such as WannaCry (€3.8 billion) or MyDoom (€34 billion).

Phishing attacks are one of the most common ways to spread malware and ransomware, dating back to 1996. At that time, America Online (AOL) first used the term. In this attack, cybercriminals randomly generated credit card numbers and opened new accounts on AOL, pretending to be employees of the service to steal user credentials. Later, in the early 2000s, there was the emergence of “cast-net” attacks—phishing campaigns that impersonate well-known brands to deceive potential customers with the intent of stealing their credentials.

This cyber threat has evolved over time, adopting sophisticated tactics such as identity spoofing, and making extensive use of artificial intelligence and deepfakes. Artificial intelligence technology is now heavily used in identity spoofing campaigns: attackers forge email addresses to impersonate someone else or a legitimate organization, with the primary goal of fooling recipients into thinking the email comes from a legitimate source. Ransomware attacks often use this tactic to encrypt the victim's files or lock down the entire system until the victim pays the ransom. Check Point Software Technologies reports,10% of companies worldwide have been attacked by ransomwarean increase of 33% compared to last year.

Phishing attacks are pervasive and primarily affect large companies: According to a study on phishing attacks by Check Point Research (Brand Phishing Report Q1 2024), with Microsoft being the top target (accounting for 38% of global phishing attacks), followed by Google and LinkedIn.Such threats can lead to large-scale data breaches, such as the infamous January 2024“Mother of all Breaches”The ultra-large-scale breach exposed more than 26 billion records, including user data from LinkedIn, Twitter, Tencent and other platforms.

Check Point software technology company helps keep email secure

To effectively protect user data and corporate reputation, organizations must implement best email security practices and follow a series of security awareness and security defense guidelines:

· Conduct security awareness and user training: Users must be aware of the threats they face and receive regular training so they can recognize cyberattacks and know how to respond.

· Use strong passwords

· Use multi-factor authentication

· Update and patch early: Keep your email software and device operating systems updated with the latest security patches to effectively prevent potential vulnerabilities.

· spam filtering

· Use encryption technology to protect the privacy and confidentiality of email.

· Implement data loss prevention (DLP) and adopt a safe browsing solution.

Check Point Software Technologies, Inc. Passed Harmony Email & Collaboration Comprehensive email protection provided. Focused on artificial intelligence and machine learning-driven defense, the solution blocks the most sophisticated evasive attacks and provides comprehensive protection against all types of malware, keeping all of your company's confidential information safe. In the Omdia Universe 2024 Annual Email Security Report, this technology was rated as the most effective email and communication protection technology, with a success rate of 99.8%.

Wang Yuelin, technical director of China at Check Point Software Technology Company, said: “Email is one of the most effective tools for enterprises today and has many advantages. However, we need to always be wary of cyberattack attempts using email, including ransomware attacks and deception. Phishing scams. The widespread use of artificial intelligence technology by attackers is making this problem even more serious. In the face of raging cyber threats, we must focus on implementing strong email security solutions, developing comprehensive user training, and staying on top of it. Security awareness is a must-have for all companies.”