The Cofense Intelligence™ team analyzes millions of emails and malware samples to understand the phishing landscape. In Q4 2021, we observed that malicious phishing campaigns increased, mainly due to the return of Emotet in early November. Campaigns delivering malware preferred keyloggers, with information stealers remaining a close second within the quarter. Patterns in threat actors’ use of credential phishing domains and malicious attachment file types were generally consistent with Q3. In this report, we also highlight how threat actors can manipulate HTML files that help them be delivered to an end-user within a secure email gateway (SEG) protected environment.
Download our Q4 2021 Phishing Review and check out our predictions about what to expect going forward, including:
- Qakbot will be a malware family to watch closely in Q1 2022
- Malicious botnet takedowns will probably occur, but it should not be assumed those takedowns are final
- Emotet campaigns are likely to increase in volume and evolve with the cyber defenses deployed
