According to Mimecast’s Global Threat Intelligence Report for the first half of 2024, there is a shocking increase in the numbers and variants of threats directed towards small and medium-sized businesses (SMBs).

The report shows that the latest threats include malicious links and artificial intelligence (AI) attacks. The results show a 133% increase in attacks with malicious links in Q1 2024 and 53% in Q2 compared to these periods in the previous year.

Emergence of AI-enabled scams

Cybercriminals are gradually moving away from simple malware and are now using complex, sophisticated attacks in the form of links. These links generally take the victims through a chain of fake information such as CAPTCHAs and multi-factor authentication requests that are difficult to counter and prevent.

The report also reveals an increase in the number of scams associated with the use of AI. Hackers are now applying generative AI to come up with very appealing phishing messages.

For instance, cybercriminals are employing AI to generate emails that an individual would find as genuine for the purpose of getting them to part with personal information.

In one instance, carrier-grade advertisement-type malware used what can be characterised as ‘mass email spam’. These mass emails slipped past initial scans and got the users to interact with fake AI-based customer service bots.

According to Mimecast’s data, SMBs received up to 40 threats per user in Q1 2024. This is almost twice the number targeted at employees in large enterprises.

While the number of threats per user dropped from 19 in Q4 2023 to 14 in Q2 2024, SMBs remain the most vulnerable segment.

Sophisticated attacks

The report also revealed that cyber-attacks are now more sophisticated and are using techniques that cannot be easily detected.

Mimecast stressed the importance of employing various protection strategies for these threats, including integrated solutions and techniques, which are classified as active defence.

Mick Paisley, Mimecast’s chief security & resilience officer, said that it is important that emails are secure: “By optimising email security, organisations can achieve significant cost efficiencies while ensuring robust protection against emerging threats.”

It is critical for organizations that are working to improve or maintain their security to be aware of these new cybersecurity threats.

Today’s news was brought to you by TD SYNNEX – the UK’s number one solutions distributor.