Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address.

Given that a malicious email is the very first step (or close to it) in an attack, it’s critically important that the attack maintain its’ stealth; detecting an attack at this point means an early (and well-deserved) death to the attack itself – something threat actors don’t want to see.

The use of malicious attachments has decreased, according to Mimecast’s Global Threat Intelligence Report 2024 H1, in lieu of links because it keeps the threat actor in control, able to obfuscate the malicious content intended to be delivered to the victim through redirects, captcha, use of legitimate web services, and more.

Source: Mimecast

As you can see in the image above, Mimecast saw a continual decline in the use of known malware over the last six quarters. Links give threat actors far more options and serve as the basis for web-based malicious platforms to exist where those with little or no knowledge of how to keep security solutions from detecting a malicious email can take advantage of the experience and know-how of seasoned threat groups and use a world-class set of tools, sites, applications, and code all designed to throw security solutions off the scent of a malicious link.

It also means that the clear answer is to involve the user by enrolling them in new-school security awareness training. Users are able to add to the organization’s defenses, spot suspicious or malicious email content to distern its true nature and avoid becoming a victim.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.