Threat Intelligence Hub

Mimecast threat research delivers analysis of threat activity, statistics revealing attack trends, and recommendations for small businesses and large enterprises to protect their employees and mitigate the impact of risky users.

H2 2024 Global Threat Intelligence Snapshot

Humans continue to play a primary role in most breaches, whether it's falling victim to social engineering attacks or brand impersonation scams.

Advanced attack infrastructure

Attackers are Living Off Trusted Services (LOTS), using Microsoft's, Google's, and Evernote's cloud services to host payloads and landing pages.

Chaos via world events

Business, political, and cybersecurity experts have increasingly warned that geopolitical tensions and cybersecurity risks are linked, as cybercriminals use them to sow chaos.

AI enables cybercrime

The spread of AI chat bots allows even would-be cybercriminals to gain the skills necessary for hacking.

Read the latest threat intelligence notifications and gain insight to better protect your organization.

SVG Attachment Abuse

31st March 2025
Malicious code is being embedded in SVG image attachments that redirect users to phishing sites when opened
Read More
Mimecast Phishing Campaign

March 18 2025

Mimecast-branded phishing campaign targeting real estate industry
Read More
Captcha Obfuscation

March 10 2025

How Javascript and captcha can obfuscate malicious content
Read More
Impersonating Booking.com

24 February 2025

Sendinblue is utilized to distribute infostealers
Read More
Missed Package Delivery

Feb. 12, 2025

Learn how Asian ISPs are unaware of compromised accounts sold on underground markets.
Read More
Copyright Infringement - Infostealer

Feb. 12, 2025

Emails sent through Gmail via a Mail-Merge are impersonating reputable law firms claiming an infringement of copyrights.
Read More
Open Spoofing

Feb. 12, 2025

Learn how an advanced threat actor is leveraging compromised consumer routers as proxies in large scale credential phishing campaigns.
Read More
Copy and Paste URL

Feb. 12, 2025

Learn how threat actors are convincing users to copy malformed links from an email and paste those them into their browsers.
Read More
Facebook Account Takeover

Jan. 29, 2025

A recent phishing campaign leverages a legitimate CMS to send fraudulent job offer emails combined with lookalike domains impersonating well-known brands.
Read More
Targeted BEC Scam

Dec. 17, 2024

Threat actors deploy deepfake using voice in sophisticated law firm impersonation campaign.
Read More
Invoice Based BEC Threats

Nov. 18, 2024

Prevent the payment of fraudulent ZipRecruiter and TeamViewer invoices.
Read More
Awareness Training Impersonation

Dec. 16, 2024

Prevent the loss of credentials to phishing scams impersonating Awareness Training platforms.
Read More
Hiding with Turnstile Verification

Nov. 7, 2024

The latest obfuscation techniques to hide malicious content behind turnstile verification techniques.
Read More
Broado Info Stealer

Oct. 14, 2024

Prevent the exfiltration of AWS and Github credentials.
Read More
AI Generated Phishing Messages

Sep. 30, 2024

Use the indicators in AI-written messages to improve phishing investigation.
Read More
Cloud File Shares

Aug. 02, 2024

Learn about new obfuscation techniques requiring user interaction to access malicious content.
Read More
Online AI Tools

Aug. 02, 2024

Learn about the impersonation of HR teams through the abuse of HTML attachments.
Read More
Workspaces Abuse

Aug. 02, 2024

Learn how to protect your organization and inform your users about the abuse of cloud file services.
Read More
Phishing campaigns using re-written links

Jul. 31, 2024

Protect yourself against the abuse of rewritten links in phishing campaigns
Read More
Trustpilot URL Redirect Abuse

Jul. 26, 2024

Learn about the abuse of Trustpilot links through SendGrid and associated IOCs.
Read More
CrowdStrike Phishing Campaign

Jul. 23, 2024

Access the list of URLs utilized across the targeted CrowdStrike campaigns.
Read More
Telephone based threats

Jul. 8, 2024

Read about the rise of telephone-based scams.
Read more
QR Code Phishing

Jun. 17, 2024

Read about ongoing phishing campaign using QR codes.
Read more
LinkedIn Redirect Abuse

Jun. 10, 2024

Read about the continued abuse of legitimate cloud services for credential harvesting.
Read more

Threats per User by Attack Type

While spam continues to account for the vast majority of messages blocked by Mimecast in H2 2024, phishing attacks, which typically include a URL to an attacker-controlled site or service, saw slow growth through the half.

Top Targeted Industries by Threats per User

The Arts, Entertainment & Recreation sector encountered the greatest number of threats per user (TPUs), with most attacks consisting of emails and messages with malicious payloads. The Professional Services: Legal and Media & Publishing sectors saw the next highest threat intensity, with each encountering nearly 9 TPUs.

Top Vulnerabilities Over Time

Comparing the Top 10 vulnerabilities detected by Mimecast as part of an email or delivered as a link, seven issues have an Exploitability Prediction Scoring System (EPSS) score of at least 0.88 which equates to an 88% chance of exploitation within the next 30 days, while two vulnerabilities — both discovered in 2024 — have yet to be registered as exploited.

Cloud Service Abuse

Attackers are increasingly living off trusted services (LOTS) in an effort to bypass defenses that rely on identifying attacks by spotting untrusted code, resources, and online services.

Mimecast regional threat intelligence webinars

Join us monthly as our regional experts unpack the latest cybersecurity insights that empowers you and your organization with the knowledge to navigate the landscape, learn from the field, and boost your security strategy.

Sign up for your regional series

Watch on-demand

Missed any episodes? Watch every episode on demand to stay up to date with the latest news, trends, and threat intelligence.

Watch NA and EMEA episodes

Watch APAC webinars

Threat Intelligence Resource

Global Threat Intelligence Report 2024 H1

Ebook

Threat Intelligence Resource

Global Threat Intelligence Report 2023 Q4

Ebook

Email & Collaboration Threat Protection Resource

The State of Email & Collaboration Security 2024

Ebook

RiskRadar Species

Detect, Analyze, Action

Detecting threats is their craft. Using echolocation, they emit high-frequency sounds that bounce off objects, giving them a detailed map of their surroundings.

Masters of analysis with highly developed nervous system and large brain. They excel in adapting to their environment and overcoming challenges, making them a standout in threat intelligence.

Known for their problem-solving and teaching skills. Always educating, and taking action. Your go-to for cybersecurity risk mitigation strategies.

Threat Intelligence Hub