66% of malware delivered via PDF files in malicious emails: Report

New Delhi, Jun 7 (IANS): PDFs are the primary malicious email attachment type being used over 66 per cent of the time to deliver malware via email in 2022, a new report said on Wednesday.

According to researchers from Palo Alto Networks Unit 42, a 910 per cent increase saw in monthly registrations for domains, both benign and malicious, related to AI chatbot ChatGPT, between November 2022-April 2023.

Researchers also saw tremendous growth (17,818 per cent) in attempts to mimic ChatGPT through squatting domains -- website names that are deliberately registered to appear similar to a popular brand or product.

"As millions of people use ChatGPT, it's unsurprising that we see ChatGPT-related scams, which have exploded over the past year, as cybercriminals take advantage of the hype around AI. But, the trusty email PDF is still the most common way cybercriminals deliver malware," said Sean Duca, VP, and Regional Chief Security Officer at Palo Alto Networks.

Moreover, the report said that the hackers were found more likely to target people visiting adult websites (20.2 per cent) and financial services (13.9 per cent) sites with newly registered domains (NRDs).

Compared to 2021, the exploitation of vulnerabilities has increased by 55 per cent in 2022.

Between 2021 and 2022, researchers saw the average number of attacks experienced per customer in the manufacturing, utilities and energy industry increased by 238 per cent.

"Threat actors are constantly evolving their techniques, employing evasion tools and camouflage methods to bypass detection. Organisations must guard against malware designed to exploit older vulnerabilities while proactively staying ahead of sophisticated new attacks," said Anil Valluri, Regional Vice President, India & SAARC at Palo Alto Networks.



Top Stories

Leave a Comment

Title: 66% of malware delivered via PDF files in malicious emails: Report

You have 2000 characters left.


Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.