Cybersecurity Threats on the Rise in 2018: BEC Attacks Increase 55% and CHA Up 37%

August 17, 2018

Cybersecurity Threats on the Rise in 2018: BEC Attacks Increase 55% and CHA Up 37%

GULF BREEZE, FL, August 15, 2018 — Through the first half of 2018, cybersecurity threats increased with AppRiver’s filters catching more than 180 million phishing messages and over 92 million emails containing malware attachments, according to the Mid-Year Global Security Report issued by AppRiver.


The report, based on global data compiled by AppRiver’s threat-detection analysis, provides details and examples of the most prolific cybersecurity threats to-date in 2018, including an influx of spear phishing, Business Email Compromise attacks (BEC), conversation hijacking attacks (CHAs), common vulnerabilities & exposure (CVE) exploits, cryptocurrency theft and mining, and weaponizing obscure file extensions.


In the first half of 2018, email remained a favorite vector for attackers to gain a foothold into businesses, whether for the purpose of malware infection, data theft or financial fraud. This includes many forms of generalized phishing attacks, such as brand impersonation. Even more concerning is that a good number of these attacks are being launched from trusted sources whose accounts have been compromised. These types of attacks look to disarm email security measures designed to focus on sender validation. These attacks also have great success in subverting well-trained end users who might otherwise be cautious enough to avoid emails from an unknown sender.


Spear phishing tactics have been on an upward trend throughout 2018, continuing to net huge sums as BEC attacks and other fraud techniques become more widely adopted by attackers. Common vulnerabilities and exposures have continued to be leveraged in email attacks in 2018, and attackers are continually looking for different file types to deliver their payloads.


In the first six months of 2018, AppRiver quarantined more than 1 million BEC attack messages – up from 653,000 during the previous 6-month period, an increase of 55 percent.  The report also finds Conversation Hijacking Attacks increased 37 percent over the previous six-month period, with 169k quarantined CHA messages – up from 123k the prior six-month period. 


In the annual Global Security Report published earlier this year, AppRiver predicted that CVE exploits will continue to be a top malware vector. This has been true during the second quarter of 2018 with CVE2017-11882 being the most utilized attack by malicious actors. CVE 2017-11882 is typically exploited via Office files saved in Rich Text Font (RTF) format and utilizes the Word Equation Editor.


“As spoofing detection and sender verifications have improved, attackers have adapted their techniques to find ways around them. In 2018, attacks have become more personalized, customized, and targeted,” said Troy Gill, security analyst for AppRiver. “The Mid-Year report provides insight into how attackers continue to find ways to monetize activities and pivot quickly to new techniques when previous tactics become obsolete. With absolute certainty, more zero-day exploits are on the horizon. The report provides insights to help IT leaders better protect against attacks.”


A full, complimentary copy of the Mid-Year Global Security Report is available at


About AppRiver


AppRiver provides cloud-based cybersecurity and productivity services to over 60,000 companies worldwide. Launched in 2002, the company uses advanced proprietary technology and machine learning in combination with expert human analysts to block phishing, spear-phishing, business email compromise, and other forms of malware before they reach customer networks. AppRiver also provides web-based malware protection, email encryption, secure archiving, and email continuity solutions. Recognizing that user email is the largest area of vulnerability, AppRiver established itself among the world’s top providers of Office 365 and Secure Hosted Exchange solutions. All services are offered on a pay-as-you-go basis and are backed by award-winning 24/7 white-glove Phenomenal Care® customer service. AppRiver is headquartered in Gulf Breeze, Florida and maintains offices in Georgia, Texas, Canada, Switzerland and Spain. For more information, please visit