product
- Line up
- ファイルセキュリティ:Malware File Storage Scanning
- 統合管理ソリューション:Central Management
- Emailセキュリティ:Cloud Edition
- エンドポイントセキュリティ:Endpoint
- クラウドサービス上のファイル脅威対策 「FireEye Detection On Demand」
- クラウドガバナンス強化「Cloudvisory」
- ネットワークセキュリティ:Network Security
- フォレンジック:Malware File Scanning/Network Forensics
- Emailセキュリティ:Server Edition
Specifications/Technical Information
Application for evaluation machine
Email Security 1 - Latest Trends and Trends Seen in FireEye Research
Many cyber crimes are said to start with emails.
企業はメールセキュリティ製品を導入し、対策を施してはいるものの攻撃側もあらゆる手段を用いて侵入を試みているのが現状です。最適な対策を講じるためには、まずは敵を知る必要があります。本稿では、メールセキュリティ対策について今一度再考するために、今回はFireEyeの「Eメール脅威レポート 2019年第1四半期の統計から見えてきたもの」というレポートをもとに、2019年に増加したメール攻撃手法と各手法の傾向を紹介します。
Techniques (How Threats Evade Email Security Products?)
- Attack using URL
- Malicious URLs using HTTPS, which was originally thought to be secure, are increasing
- Attacks that send URLs by means of bypassing mail filters are increasing
Example) Emails with only a URL and no content, or URLs that cannot be clicked
- phishing attack
- Phishing attacks increased by 17% in January-March 2019 compared to September-December 2018
- Phishing emails impersonating Microsoft are overwhelmingly high, accounting for 30% of the total.
This is intended to convince recipients of authenticity through Microsoft's brand power. - Phishing emails using personal service brands such as Netflix, Amazon, and LinkedIn are also on the rise.
This is aimed at stealing credentials and credit card information.
- impersonation attack
- Spoofing attacks such as CEO fraud and business email compromise (BEC) are on the rise
* Increased by 25% from April to June 2019 - Two main attack methods are increasing
1. A method of impersonating an executive and sending a request to change a payroll account to the payroll department
2. Methods of compromising or spoofing systems of business partners who routinely interact with target companies
- Other attacks
1. Attacks exploiting file sharing services
- A method of uploading a malicious file to a trusted file sharing service such as Dropbox, OneDrive, Google Drive, etc. and making the file open.
- Dropbox in particular tends to be abused, but the number of people using Onedrive has increased rapidly recently.
2. Attacks using nested emails
A method of attaching another email containing a malicious URL, etc. to the sent email
used to evade detection
3. Conclusion
As mentioned at the beginning, in order to take the best email security measures, it is first necessary to know the enemy (attacker's trends and attack methods).
今回はFireEye社が出している「Eメール脅威レポート 2019年第1四半期の統計から見えてきたもの」に掲載されている内容を抜粋し、最新のメールセキュリティの脅威について簡単にまとめてみました。
In this report, each attack method is explained using actual e-mails sent as examples, so if you are collecting information on e-mail security or are considering introducing an e-mail security product, please report it. please look at!
また、FireEye社が毎年発行している最新の脅威動向とベストプラクティスが詰まった「M-Trends」レポートの2020年版も発行されましたので、メールセキュリティ以外の情報も収集されている方は必見です!
Contact information
株式会社マクニカ
FireEye 製品担当
- TEL:045-476-2010
- E-mail:fireeye_sales@macnica.co.jp
