Q4 2021 Cofense Phishing Review


Published April 2022


The Cofense Intelligence™ team analyzes millions of emails and malware samples to understand the phishing landscape. In Q4 2021, we observed that malicious phishing campaigns increased, mainly due to the return of Emotet in early November. Campaigns delivering malware preferred keyloggers, with information stealers remaining a close second within the quarter. Patterns in threat actors’ use of credential phishing domains and malicious attachment file types were generally consistent with Q3. In this report, we also highlight how threat actors can manipulate HTML files that help them be delivered to an end-user within a secure email gateway (SEG) protected environment.

Biting the hand that feeds IT © 1998–2022