Corporate email addresses are 4.3 more likely to receive malware compared to personal accounts, 6.2 times more likely to receive phishing lures, and 0.4 times less likely to receive spam.
These are statistics gathered by the Google Research team from analyzing over one billion emails that passed through Gmail, results that were presented yesterday at the RSA security conference in San Francisco.
The results of the study aren't that surprising, as corporate inboxes tend to contain more valuable information, which can be much more easily monetized on the Dark Web.
More surprisingly is that out of all industry verticals, companies activating in real estate were the most targeted with malware, receiving more malicious emails compared to businesses working in retail, IT, finance, insurance, and other more financially attractive domains.
On the other hand, spam emails peddling products and services mostly targeted companies activating in entertainment and IT, while phishing campaigns targeted the financial sector, the main target of most phishing attempts for the past few years.
Nonetheless, the financial sector has seen a decrease in the number of phishing attacks it received, according to a different report from PhishLabs. The report highlights a decline of phishing emails targeting the financial sector from a 38% share in 2013 to only 23% in 2016.
Further, the same PhishLabs report also highlights a growth of phishing sites in 2016, the company detecting over 1 million phishing pages deployed across over a whopping 170,000 different domains.
Overall, phishing attacks saw a 23% increase compared to phishing statistics in 2015, with new attacks focusing on other industry verticals, such as cloud and online services.
Here are some of the other PhishLabs findings, detailed in depth in the 2017 Phishing Trends & Intelligence Report:
Both Google and PhishLabs experts expect to see a continuous rise in phishing attacks in the following year, as phishing still remains one of the simplest and most effective attacks to perform.
Google's RSA presentation ended with a positive tone, as the company announced that SMTP Strict Transport Security (SMTP STS), the HSTS equivalent for SMTP, is set to arrive in Gmail in the coming year.
Below is Google's slides from yesterday's presentation.