Threat Intelligence Hub
Mimecast threat research delivers analysis of threat activity, statistics revealing attack trends, and recommendations for small businesses and large enterprises to protect their employees and mitigate the impact of risky users.
Your Threat Landscape
Discover your personalized threat landscape July to December 2024
Get your threat landscape results delivered to directly your inbox.
Congratulations!
Your personalized threat landscape results are ready and on their way to your inbox. Stay ahead of potential risks by exploring our platform and discovering how our solutions can help safeguard your organization. Visit our platform page to learn more!
Cloud service abuse
Cybercriminals increasingly use legitimate online services (LOTS strategy) to bypass security defenses. This visualization maps relationships between original URLs, malicious content types, and ultimate destinations, revealing how attackers obfuscate their intent through trusted business platforms. Understanding these connections is essential for developing effective cybersecurity measures that can identify threats hiding within legitimate services.
Top targeted industries by threats per user
Different industries face distinct attack methodologies, creating unique threat profiles for each sector. Our analysis reveals that attackers strategically vary their techniques based on industry characteristics, targeting specific vulnerabilities and data types. While every industry encounters significant volumes of spam and threats using low-reputation infrastructure, the specific attack vectors and techniques show marked variation across sectors and highlights the sophisticated nature of modern email threats. Understanding these distinct threat profiles allows organizations to implement more effective security measures rather than generic protections that may leave sector-specific vulnerabilities exposed.
Threats per user by attack type
Detection’s are categorized by interception stage: Spam: Mass emails from untrusted domains containing widely encountered content. Suspicious Messages: Potentially malicious communications lacking confirmed harmful content but showing risk indicators. Unwanted: User-blocked messages bypassing automated filters. Phishing: Deceptive content designed to extract sensitive information through fraudulent links, business email compromise, impersonation, or fake login pages. Malware: Messages containing malicious attachments or links leading to harmful code. Understanding these classifications helps organizations better defend against increasingly sophisticated email threats
Top vulnerabilities over time
Email-borne vulnerability exploits concentration patterns examining the top 10 detected vulnerabilities—whether delivered directly via email or through embedded links. Our analysis also highlights significant divergence between EPSS scores and Common Vulnerability Scoring System (CVSS) ratings. This disconnect demonstrates how severity ratings may not accurately predict real-world exploitation likelihood, requiring security teams to consider both metrics.
H2 2024 Global Threat Intelligence Snapshot
Humans continue to play a primary role in most breaches, whether it's falling victim to social engineering attacks or brand impersonation scams.
Advanced attack infrastructure
Attackers are Living Off Trusted Services (LOTS), using Microsoft's, Google's, and Evernote's cloud services to host payloads and landing pages.
Chaos via world events
Business, political, and cybersecurity experts have increasingly warned that geopolitical tensions and cybersecurity risks are linked, as cybercriminals use them to sow chaos.
AI enables cybercrime
The spread of AI chat bots allows even would-be cybercriminals to gain the skills necessary for hacking.
Threat Intelligence Notifications
Read the latest threat intelligence notifications and gain insight to better protect your organization.
-
Fake CAPTCHA Conceals Scattered Spider Attacks
22 May 2025Read More
Learn how counterfeit CAPTCHA challenges bypass security controls targeting SendGrid, Okta, and others -
OAuth Abuse
5 May 2025Read More
OAuth manipulation campaign redirects users to malicious data gathering page -
SVG Attachment Abuse
31 March 2025Read More
Malicious code is being embedded in SVG image attachments that redirect users to phishing sites when opened -
Mimecast Phishing Campaign
March 18 2025Read More
Mimecast-branded phishing campaign targeting real estate industry -
Captcha Obfuscation
March 10 2025Read More
How Javascript and captcha can obfuscate malicious content -
Impersonating Booking.com
24 February 2025Read More
Sendinblue is utilized to distribute infostealers -
Missed Package Delivery
Feb. 12, 2025Read More
Learn how Asian ISPs are unaware of compromised accounts sold on underground markets. -
Copyright Infringement - Infostealer
Feb. 12, 2025Read More
Emails sent through Gmail via a Mail-Merge are impersonating reputable law firms claiming an infringement of copyrights. -
Open Spoofing
Feb. 12, 2025Read More
Learn how an advanced threat actor is leveraging compromised consumer routers as proxies in large scale credential phishing campaigns. -
Copy and Paste URL
Feb. 12, 2025Read More
Learn how threat actors are convincing users to copy malformed links from an email and paste those them into their browsers. -
Facebook Account Takeover
Jan. 29, 2025Read More
A recent phishing campaign leverages a legitimate CMS to send fraudulent job offer emails combined with lookalike domains impersonating well-known brands. -
Targeted BEC Scam
Dec. 17, 2024Read More
Threat actors deploy deepfake using voice in sophisticated law firm impersonation campaign. -
Invoice Based BEC Threats
Nov. 18, 2024Read More
Prevent the payment of fraudulent ZipRecruiter and TeamViewer invoices. -
Awareness Training Impersonation
Dec. 16, 2024Read More
Prevent the loss of credentials to phishing scams impersonating Awareness Training platforms. -
Hiding with Turnstile Verification
Nov. 7, 2024Read More
The latest obfuscation techniques to hide malicious content behind turnstile verification techniques. -
Broado Info Stealer
Oct. 14, 2024Read More
Prevent the exfiltration of AWS and Github credentials. -
AI Generated Phishing Messages
Sep. 30, 2024Read More
Use the indicators in AI-written messages to improve phishing investigation. -
Cloud File Shares
Aug. 02, 2024Read More
Learn about new obfuscation techniques requiring user interaction to access malicious content. -
Online AI Tools
Aug. 02, 2024Read More
Learn about the impersonation of HR teams through the abuse of HTML attachments. -
Workspaces Abuse
Aug. 02, 2024Read More
Learn how to protect your organization and inform your users about the abuse of cloud file services. -
Phishing campaigns using re-written links
Jul. 31, 2024Read More
Protect yourself against the abuse of rewritten links in phishing campaigns -
Trustpilot URL Redirect Abuse
Jul. 26, 2024Read More
Learn about the abuse of Trustpilot links through SendGrid and associated IOCs. -
CrowdStrike Phishing Campaign
Jul. 23, 2024Read More
Access the list of URLs utilized across the targeted CrowdStrike campaigns. -
Telephone based threats
Jul. 8, 2024Read more
Read about the rise of telephone-based scams. -
QR Code Phishing
Jun. 17, 2024Read more
Read about ongoing phishing campaign using QR codes. -
LinkedIn Redirect Abuse
Jun. 10, 2024Read more
Read about the continued abuse of legitimate cloud services for credential harvesting.
Mimecast regional threat
intelligence webinars
Join us monthly as our regional experts unpack the latest cybersecurity insights that empowers you and your organization with the knowledge to navigate the landscape, learn from the field, and boost your security strategy.
Sign up for your
regional series
Join us monthly as our regional experts unpack the latest cybersecurity insights that empowers you and your organization with the knowledge to navigate the landscape, learn from the field, and boost your security strategy.
Watch on-demand
Missed any episodes? Watch every episode on demand to stay up to date with the latest news, trends, and threat intelligence.
RiskRadar Species
Detect, Analyze, Action