A new report by Proofpoint looks at the email threat landscape in Q3 of this year. It shows that message containing malicious URLs now make up 88% of email-based threats. The overall volume of messages designed to get users to interact with nefarious URLs or attachments fell by 40% compared to the previous quarter due to the absence of Emotet campaigns throughout most of the quarter. The infamous botnet dropped off the radar in Q2 but returned with a vengeance in mid September. Despite it’s brief activity in Q3, it still accounted for 11% of all email-based threats in the quarter.
Thanks to the temporary disappearance of Emotet, the most prominent malware payloads in Q3 were Banking Trojans and remote access Trojans (RATs) that together accounted for 61% of all payloads. The Banking Trojan landscape was dominated by Trickbot (37%), IcedID (26%), and Ursnif (20%), while to most prevalent RATs were FlawedAmmyy (45%), FlawedGrace (30%), and NanoCore RAT (12%).
Read more: You’ve got malware: Malicious actors are waiting in your inbox