Threat Intelligence Hub

Offering unparalleled email and collaboration protection, the Mimecast Product Suite becomes the eyes and ears of our customers’ organizations and transforms security from reactive to proactive.

Read the latest threat intelligence notifications and gain insight to better protect your organization.

Invoice Based BEC Threats

Nov. 18, 2024

Prevent the payment of fraudulent ZipRecruiter and TeamViewer invoices.
Read More
Hiding with Turnstile Verification

Nov. 7, 2024

The latest obfuscation techniques to hide malicious content behind turnstile verification techniques.
Read More
Broado Info Stealer

Oct. 14, 2024

Prevent the exfiltration of AWS and Github credentials.
Read More
AI Generated Phishing Messages

Sep. 30, 2024

Use the indicators in AI-written messages to improve phishing investigation.
Read More
Cloud File Shares

Aug. 02, 2024

Learn about new obfuscation techniques requiring user interaction to access malicious content.
Read More
Online AI Tools

Aug. 02, 2024

Learn about the impersonation of HR teams through the abuse of HTML attachments.
Read More
Workspaces Abuse

Aug. 02, 2024

Learn how to protect your organization and inform your users about the abuse of cloud file services.
Read More
Phishing campaigns using re-written links

Jul. 31, 2024

Protect yourself against the abuse of rewritten links in phishing campaigns
Read More
Trustpilot URL Redirect Abuse

Jul. 26, 2024

Learn about the abuse of Trustpilot links through SendGrid and associated IOCs.
Read More
CrowdStrike Phishing Campaign

Jul. 23, 2024

Access the list of URLs utilized across the targeted CrowdStrike campaigns.
Read More
Telephone based threats

Jul. 8, 2024

Read about the rise of telephone-based scams.
Read more
QR Code Phishing

Jun. 17, 2024

Read about ongoing phishing campaign using QR codes.
Read more
LinkedIn Redirect Abuse

Jun. 10, 2024

Read about the continued abuse of legitimate cloud services for credential harvesting.
Read more

H1 Global Threat Intelligence Report Snapshot

Attacker methodology shifted in Q4 2023 to focus more on links, yet continues to utilize tried and tested methods of spam and older vulnerabilities.

Top targeted industry

Overall, malicious URLs were the most prevalent attack vector accounting for roughly 10 times more attacks

AI bot call center scam

A phishing scam using a variety of fake invoices, including a phone number to an AI-powered call center

CVE-2022-42889

"Text4Shell" is a critical Apache Commons Text vulnerability allowing remote code execution

Threats per User by Business Size

While spam and impersonation attacks dominated the threat landscape, malicious links remained the favored way for attackers to attempt to infect end users’ systems.

Threats per User by Attack Type

The average Mimecast user account encountered a third fewer links in 2024 Q2 compared to Q1

chart_02a_tpus_for_global_spam_impersonation_known_malware_malicious_links_unknown_malware.webp

Top 5 Industries by Threats per User

Users in the scientific and technical, legal professional services, and IT consulting industries were targeted with the most spam, with Mimecast blocking on average 20 attacks per user

Top 10 File-Sharing Services used in Attacks

Attackers continued to increase their use of links to deliver payloads to their victims, with the predominant file sharing domains varying greatly across regions

Top 10 Vulnerabilities Used in Attacks

In H1 2024, most attacks leveraged a small number of vulnerabilities with some exceeding 14 years in age.

Mimecast regional threat intelligence webinars

Join us monthly as our regional experts unpack the latest cybersecurity insights that empowers you and your organization with the knowledge to navigate the landscape, learn from the field, and boost your security strategy.