《Cofense：2023年电子邮件安全报告（英文版）（27页）.pdf》由会员分享，可在线阅读，更多相关《Cofense：2023年电子邮件安全报告（英文版）（27页）.pdf（27页珍藏版）》请在三个皮匠报告上搜索。

1、2023 ANNUAL STATE of EMAIL SECURITY REPORTISSUED MARCH 20232023 Cofense Annual State of Email Security Report 1CONTENTS2023 Cofense Annual State of Email Security Report 1Letter from the CISO .2 SECTION 1 Executive Summary .3 Top Attack Vector in 2022:Credential Phishing .5 Emotet&Qakbot Remain the

2、Top Malware Families to Watch .5 BEC Continues to be One of the Top Cybercrimes for the 8th Year in a Row Related to Financial Losses .7SuccessfullyBypassingTwo-FactorAuthorization(2FA)toGainAccesstoAccounts Payroll Diversion Attacks Still Flying Under the Radar Law Enforcements Takedown of Cybercri

3、me Scamming the ScammersAttackersStillRequestGiftCardsin2022 Web3 Technologies Used in Phishing Campaigns Increased 341%.9 Telegram Bots as Exfiltration Destinations Increased 800%.9 SECTION 2 Phish Swimming in Murky Waters .10 Downstream Impacts,Ransomware .10Big Breaches .10World Events .11Blockch

4、ain,Cryptocurrency and NFT Phishing .11Energy Sector(Critical Infrastructure)on High Alert .13Malicious HTML Attachments .13Adobe is the T Domain Abused to Deliver Phishing Emails .14Top Malicious Attachment Types Reaching Inboxes .15EmotetPhishingEmailsExploit2022TaxSeason,SpoofingIRS Return of Emo

5、tet Phishing Emails Malware Foothold:QakBot Noteworthy Mentions .17PhishingAttacksSupportedbyIllicitMarketplaces“PhishingasaService(PaaS)”ContiLeaksDemonstratedImportanceofPhishinginRansomwareOperations Whaling in Bulk Industry Overview .19 SECTION 3 So Now What?.21 How to Enhance Your Email Securit

6、y .21 Checklist:Protect Your Organization from Top Threats .23 BEC/Vendor Email Compromise Credential Phishing Attachments Malware 23CONCLUSION .24APPENDIX .25 List of Figures .252023 Cofense Annual State of Email Security Report 2LETTER FROM THE CISOAs I transition from behind the scenes of this re