Proofpoint closes acquisition of Tessian. Read More ->

Request a demo
Platform
Complete Cloud Email Security
Get a Platform Overview
Featured Content
What’s New
What’s New
Tessian Platform Overview Brochure
Product Resources
Tessian Platform Overview Brochure
Microsoft + Tessian: Comprehensive Email Security
Solution Briefs
Microsoft + Tessian: Comprehensive Email Security
Solutions
Tessian solutions by use case and threat types
Customers
Tessian case studies by use case and industry
Read more
Featured Content
Advanced Email Protection for Florida’s Largest Law Firm
Customer Stories
Advanced Email Protection for Florida’s Largest Law Firm
Next-Gen DLP For One of Africa’s Largest FinServ Groups
Customer Stories
Next-Gen DLP For One of Africa’s Largest FinServ Groups
Resources
Tessian content by use case and industry
Resource Center
Featured Content
Forrester has named Tessian a Strong Performer in The Forrester Wave™: Enterprise Email Security, Q2 2023
Research & Reports
Forrester has named Tessian a Strong Performer in The Forrester Wave™: Enterprise Email Security, Q2 2023
Company
About Tessian's mission and career opportunities
Read more
Request a demo
Request a demo
Request a demo
Request a demo
Request a demo
Request a demo
Threat Stories

2022 Tessian Threat Intel Roundup: Social Engineering Threats Are Here to Stay

Tessian • Thursday, December 8th 2022
2022 Tessian Threat Intel Roundup: Social Engineering Threats Are Here to Stay

Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises.

As we close out the year, one thing is certain: Social engineering attacks will remain a mainstay for threat actors. The ease with which threat actors are able to exploit human vulnerabilities will find even the most secure organizations wanting. This is why according to Tessian’s inaugural State of Email Security Report (2022), impersonation attacks are the number 1 concern for organizations globally. Only by adopting a defense-in-depth strategy will organizations be able to reduce the risk of falling victim to social engineering-based attacks. 

 

In this final newsletter for the year we take a look at some of the dominant themes we’ve covered in 2022.

 

Sign-up for our Threat Intel update to get this monthly update straight to your inbox. 

 

“No Pain No Gain” Impersonation Campaign – Sending Stolen Credentials to Telegram Group
Threat Stories
“No Pain No Gain” Impersonation Campaign – Sending Stolen Credentials to Telegram Group
Catalin Giana • Thursday, November 10th 2022
Read article

Top Threat Intel Themes Covered in 2022

1. Phishing-as-a-Service Goes Mainstream

  • Phishing remains a persistent threat and security challenge
  • Phishing-as-a-Service offerings continue to evolve and proliferate on the dark web, reducing barriers to entry and effectively creating whole new armies of threat actors.
  • Threat actors continue having significant success using phishing and business email compromise campaigns (BEC) to compromise organizations. 
  • This helps explain why social engineering attacks in the form of phishing and BEC are the top two costliest forms of a breach, topping out at $4.91 and $4.89 million, respectively. 

 

2. Impersonation campaigns continue evolving

  • Earlier in the year we started tracking an increase in 3rd party impersonation campaigns that were leveraging PayPal to carry out invoice fraud. 
  • Other impersonation campaigns that came across the wire included threat actors targeting the legal sector – a sector that is disproportionately targeted by social engineering attacks.
  • We’ve also found that obfuscation is the name of the game for malicious payload delivery.
  • The continued persistence of brand impersonation campaigns is also cause for concern. In fact, the FTC reported a sharp increase in impersonation fraud, with losses totaling $2 billion in the period October 2020 to September 2021. 
  • We expect these trends to continue, evidenced by record breaking phishing activity in 2022, for the first time surpassing 1 million phishing attacks reported in a quarter

 

3. The Unrelenting Scourge of Ransomware 

  • One of the recurring themes we have been tracking is the nexus between ransomware and spear phishing attacks. 
  • Ransomware has proven to be a persistent security challenge with the rise of Ransomware-as-a-Service (RaaS) offerings.
  • The increase in ransomware related damages – seeing a 57x increase from 2015 – is one of the main reasons driving up cyber insurance premiums, seeing increases of over 100% in the past 18 months.
  • We expect nation-state and non-aligned threat actors to continue relying on ransomware and related extortion tactics, with email a key threat vector for payload delivery.

 

4. The rise, and rise, of credential compromises

  • Another trend we have been closely following is the increasing prevalence of credential related compromises. One such noteworthy adversary-in-the-middle (AiTM) compromise saw 10,000 organizations that use Microsoft targeted.  
  • Several large organizations have suffered credential related compromises, shining a spotlight on the fallibility of identity and access management (IAM) solutions in relation to the threat that social engineering poses.
  • Credential compromise social engineering campaigns that target organizations using  Microsoft 365 and Google Workspace collaboration software, will remain a core focus area for threat actors going forward.

 

5. Event opportunism

  • As so often is the case, cyber criminals, the opportunists that they are, will attempt to exploit international and national events, including acts of war, pandemics and festive events.
  • This reality was on full display at the start of the Russian invasion of Ukraine. We noted that over 70% of newly registered Ukraine themed domains were likely to be malicious.
  • We expected a ramp-up of Russian cyber campaign activity in the wake of the Russian invasion of Ukraine, however this has failed to materialize. 
  • Effective public-private partnerships as demonstrated by Microsoft and others are part of the reason for the unprecedented level of cyber resilience by Ukraine and allied countries. 

 

Watch Again: Fwd: Thinking – The Intelligent Security Summit
Interviews With CISOs
Watch Again: Fwd: Thinking – The Intelligent Security Summit
Andrew Webb • Thursday, October 27th 2022
Read article

Concluding Thoughts & Recommended Actions

 

Only by adopting a multi-pronged, defense-in-depth security strategy will the risk of social-engineering-related breaches be reduced. Utilizing best-in-breed cybersecurity solutions that have behavioral intelligence-based defensive capabilities, and that reinforce security culture strengthening like Tessian, is increasingly essential to address an ever-evolving social engineering threatscape. 

 

Until next year, stay safe and stay secure.

The CISO Guide to Email Impersonation Attacks
STATE OF EMAIL SECURITY 2022

To see how Tessian prevents ransomware attacks, and protects against DLP, watch a product overview video or book a demo.

 

For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn

Tessian

Related Posts