Your email has never been more under threat than now. A new report warns that sophisticated attacks using AI to better mock-up fake emails and websites to trick you into clicking links, downloading attachments and installing apps are now surging. And for users of the most popular email platforms—Gmail, Outlook, AOL, Yahoo and others, there is now clear guidance you must follow to stay safe.
Cyber firm Kaspersky says its systems “uncovered an average of 467,000 malicious files [attachments] per day in 2024—a 14% increase from 2023.” Windows users are the primary target—accounting for 93% of all those daily file detections—given it presents a much greater attack surface than Apple devices or mobile phones.”Certain threats saw even steeper growth,” Kaspersky warns, “ highlighting “a 33% rise in Trojan detections and a 19% increase in Windows malware compared to 2023.”
We have seen other warnings in the last few days over Windows attachments—zip files and office documents—driving attacks. ANY.RUN warns that these attachments are even now being deliberately corrupted to evade antivirus software, “allowing the malicious emails to reach your inbox” and deliver their malicious payloads.
A spokesperson for Kaspersky warned that this latest surge comes “as adversaries continue to develop new malware, techniques and methods to attack users and organizations.” As with most recent reports, AI is the game-changer. “There were massive phishing and malicious campaigns targeting social media users… And, of course, the use of AI tools to generate new malware or facilitate phishing attacks.”
Whatever email platform you’re using, Kaspersky’s advice is clear:
- “Do not download and install applications from untrusted sources
- Do not click on any links from unknown sources or suspicious online advertisements
- Always use 2FA when available. Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation. Use a reliable password manager to help to remember them
- Always install updates when they become available; they contain fixes for critical security issues
- Ignore messages asking to disable security systems for office or cybersecurity software
- Use a robust security solution appropriate to your system type and devices.”
This holiday season is turning out to be something of a minefield from a cybersecurity perspective, with holiday shopping scams up 89% and new SEO poisoning attacks as well as almost 80% of all spam emails now likely carrying malware or driving a fraudulent scam.
It has never been more critical to follow the above advice.
