Cybercriminals are always a constant threat to any organization. While there are many ways for cybercriminals to compromise a network, using email as the gateway is one of the most common. As more and more businesses move to a remote or hybrid work environment, it is arguably more important than ever to prioritize email security.

According to Gartner, increases in the volume and success of phishing attacks – and the migration to cloud email – require the reevaluation of email security controls and processes. As a result, team members who manage their organizations security practices need to ensure their current security solutions adapt to the changing landscape.

The last couple years saw big changes in the way businesses function, as they were forced to lean on cloud security. It’s important to analyze previous trends among attackers and have a plan as tactics evolve. With that said, here are some email security predictions we are likely to face in 2022.

1.) Ransomware will reign as the preferred method of cybercrime

Ransomware attacks, which can be spread through malicious links or attachments in emails, will continue especially as small businesses experience a shortage in cybersecurity resources and expertise.

In a press release from the Identity Theft Resource Center (ITRC), it was documented that ransomware attacks were one of the top two attack vectors from the start of 2021 through September of the same year.

Transitioning to remote work also presented problems for on premise networks. These custom-built environments require teams of professionals to secure them from vulnerabilities and protect them from attacks. In 2022, expect ransomware gangs to develop better ways to evade detection from authorities and expect them to form ransomware syndicates.

2.) Ransomware-as-a-Service will gain popularity

In 2021, ransomware attacked companies ranging from meat producers to oil pipelines.  As successful attacks increased, so did the number of cyber gangs turning their Ransomware-as-a-Service (RaaS) model into a franchise.

3.) Remote workers will continue to face risk

Working from home presents many challenges, and understanding the risk that cloud email users face is one of the greatest among them. Employees tend to rely on email as the primary method of communication with sending sensitive documents or links. This elevates the risk of impersonation and phishing attacks. Challenges created by remote work will continue. Organizations that use cloud based email platforms need more than a single-layered defense in order to protect against the most recent threats.

4.) Advanced Phishing and CEO Fraud Attacks are rising

Most organizations have an existing email security protection, but phishing and ransomware attacks are at an all-time high – and are expected to rise this year. Outgoing email security is also concerning.

CEO fraud is an email scam that attackers use to coerce victims into transferring money or sensitive information to criminals. An attacker pretends to be the CEO or another executive, and asks the target to help them make a bank transfer.

Watch this year for increased attacks during holidays and other significant events. Both CISA and the FBI warned that cybercriminals are eager to disrupt business and critical infrastructure to demand cryptocurrency payments.

5.) Malicious Attachments will continue to be a threat

Microsoft Excel and Word macros have long been used in phishing attacks by cyber thieves to launch remote access tools to gain control of a target’s computer. Attackers have recently themed malicious attachments after COVID-19, taking advantage of the fear and uncertainty surrounding the pandemic. Although knowledge of malicious attachments is increasing, it still remains one of the top threats cybercriminals use.

Attacks are usually attempted using infected PDF and Office files. However, criminals are starting to mask detection using file types that are not traditionally blocked.

6.) Zero-Day Malware Attacks are increasing

A Zero-Day Attack is when an attacker exploits a flaw in software or hardware before it can be identified and remediated by the manufacturer. These vulnerabilities are then often times sold to other criminals.

Zero-day exploits require more work to pull off, but because of the number of companies operating in the cloud, one of these types of vulnerabilities can result in millions of customers being targeted for an attack.

How to Prevent these Types of Attacks

There are standard tips and risks to be mindful of. Most commercial default security settings are severely lacking, leaving remote workers susceptible to credential phishing. It is estimated that 30% of all phishing attacks make it through existing systems and are opened by the target. Using email authentication protocols will help by confirming messages are legitimate, while sender authentication protocols work by preventing spoofing and business email compromise. Cybersecurity teams will be able to act more proactively with prevention in real-time with the help of machine learning.

Story via Tripwire