Mimecast report leverages insights from threat analysis of more than 1.7 billion messages per day across 42,000+ customers.

Mimecast, a leading global Human Risk Management platform has published its Global Threat Intelligence Report 2024 H1, revealing malicious links and AI-driven bots in call centres to be among the greatest threats to cybersecurity defenses, with small businesses bearing the brunt of attacks.

Mimecast Report analyses threat landscape

The report analyses the threat landscape during the first six months of 2024 and offers actionable steps for organisations of all sizes to improve cyber defenses. Key findings from the report include:

Threat actors link up

Messaging attacks continue to evolve, with hackers moving away from pushing malware to using malicious links as the preferred method of delivering payloads to victims’ systems. In fact, Mimecast’s analysis found malicious links surged by 133% in the first quarter of 2024 and 53% in the second quarter, compared to the same period in 2023.

Attacks are increasingly employing multiple layers of false information requiring more interaction from victims, who are forced to click through links, respond to CAPTCHAs, and engage with false multi-factor authentication requests.  Additional obfuscation layers allow these types of attacks to fly under the radar, gaining entry where malware would be denied.

During the first half of the year, a campaign targeting Australian law firms used confusing URLs in email messages to send users to an intermediate page on one of several collaboration platforms. Clicking on the link redirects victims to a fake Microsoft login page to access credentials.

AI-enabled scams emerge

More often attackers are using generative AI to create phishing templates. However, in one case, attackers targeted corporate employees by sending 380,000 emails with an attached PDF document. Clicking on the file opens the PDF in a web browser and displays a page hosted on an AI development service.

AI-driven attacks are not just impacting businesses. Attackers are increasingly targeting consumers by using Microsoft distribution lists to send mass emails that pass security checks and notify recipients of an imminent deduction or charge, prompting them to contact an AI bot call centre to collect information. In May 2024, Mimecast detected more than 1.6 million email messages in this type of campaign.

Small business remain the prime target for cyber threats

As observed in the Q4 2023 report, small businesses experience the highest volume of cyber threats,  Mimecast saw this peaking at 40 threats per user (TPU) in Q1 2024. Employees at both small and medium businesses continue to see more than twice the number of threats compared to users at large enterprises.

Analysing businesses of all sizes, the average number of TPUs declined by about a third, dropping from 19 TPUs on average during Q4 2023 to 14 TPUs in the latest quarter (Q2 2024). The threats impacting large enterprises declined in the first quarter, but slightly jumped in the second quarter of this year.

“Email and collaboration tools are often seen merely as cost centers, but this overlooks their essential role in cybersecurity,” said Mick Paisley, Chief Security & Resilience Officer at Mimecast. “By optimising email security, organisations can achieve significant cost efficiencies while ensuring robust protection against emerging threats. This approach is crucial not only for minimising cyber risks but also for maintaining the productivity and safety of your organisation.”

For more insights and recommendations download the full report: Mimecast’s Global Threat Intelligence Report 2024 H1.

More UK Security News.