Gmail, Bitly and QR codes increasingly used in cyberattacks

The number of Business Email Compromise attacks has increased over the past 12 months and now accounts for 10.6% of all attacks using email messages. Conversation hijacking is also becoming more popular, with their number increasing by 70% since 2022. Attackers are also keen to use QR codes, popular webmail services, and URL shortening tools. These are the conclusions from the latest report prepared by Barracuda, a producer of IT security solutions.

The report “Email Threats and Trends” shows how targeted attacks originating in email messages are developing in the era of artificial intelligence. Barracuda researchers analysed 69 million attacks on 4.5 million mailboxes over the year. The conclusions are clear: although the cybersecurity landscape is still dominated by mass phishing attacks, the number of more targeted and potentially more harmful threats such as Business Email Compromise and conversation hijacking is steadily increasing.

– The results of the report show that cybercriminals are adjusting their tactics and taking advantage of generative artificial intelligence to scale their attacks, evade traditional security measures and effectively deceive potential victims – says Mateusz Ossowski, CEE Channel Manager at Barracuda Networks.

“Email Threats and Trends” Report – key findings:

• Business Email Compromise (BEC) attacks accounted for over 10.6% of all social engineering attacks in 2023. In 2022, it was 8%, and in 2021 – 9%.
• Conversation hijacking accounted for 0.5% of social engineering attacks last year. This is an increase of nearly 70% compared to 0.3% in 2022. Such attacks require a lot of effort from the cybercriminal, but can also be profitable.
• 1 in 20 mailboxes was targeted with QR code attacks in the last quarter of 2023. QR code attacks are difficult to detect using traditional email filtering methods. They also shift victims from corporate devices to personal devices such as phones or tablets, which are not protected by corporate security software.
• Gmail was the most popular free webmail service used for social engineering – it was used in 22% of such attacks. Just over half of the detected attacks using Gmail were Business Email Compromise attacks.
• The bitly tool was used in almost 40% of attacks containing a shortened URL. URL shortening apps condense the link, so the actual link to the page is masked by random letters or numbers. The use of this tactic can hide the true nature and purpose of the link.

– IT and security specialists need to consider the evolution of threats and its impact on security measures and ways of responding to incidents. Attackers today use generative artificial intelligence, making their actions more advanced and difficult to detect. The best defense is to use cloud security tools that capitalize on the capabilities of artificial intelligence. They can quickly adapt to changing conditions and do not rely solely on searching for malicious links or attachments – sums up Mateusz Ossowski.