Less than a third of over half a billion emails analysed by security company FireEye were considered clean and made it to the inbox.
But malware is only a small part of the email threat being served up by cyber criminals, with phishing attacks a growing problem.
A biannual study of over half a billion emails by FireEye found that only about 32% of emails make it to the inbox, with the rest filtered out because they were considered unsafe. It also found thatone in every 101 emails had malicious intent.
In the previous six months, one in every 131 emails contained malicious intent, and clean email reaching the inbox was at 34%.
The majority of attacks blocked (90%) did not contain malware, such as phishing attacks, which alone made up 81% of the blocked so-called malware-less emails. This was double the previous six months.
The increase in malware-less attacks comes as cyber criminals change tactics because organisations focus on detecting malware.
Phishing attacks, which trick people into giving their personal details, are an example of this, as they target the weak link: people.
For example, the number of phishing attacks targeting TSB customers leapt by 843% in May compared with April as fraudsters took advantage of the bank’s IT meltdown.
“Not only is email the most pervasive form of communication, it is also the most popular vector for cyber attacks,” said Ken Bagnall, vice-president of email security at FireEye. “This makes email the biggest vulnerability for every organisation.”
“From malware to malware-less attacks including impersonation attacks like CEO fraud, a single malicious email can cause significant brand damage and financial losses.
“By choosing an email security solution with features based on real-time knowledge gained from the frontlines, and by teaching users to always ensure they are communicating with who they think they are, organisations can better defend against attacks.”
The study revealed that Mondays and Wednesdays were the most common days for malware-based attacks, while impersonation attacks were most likely to fall on a Friday.