Trend Micro’s Cloud App Security Report 2020 headline findings include:

1. High-risk email threats rose by 32% last year compared to 2019. Detections of malware, credential theft and phishing emails all recorded double-digit year-on-year increases in 2020, while business email compromise volumes dropped slightly

2. Trend Micro detected 1.2m emails containing malware that would otherwise have appeared in users’ inboxes, up 16% on 2019 figures. These included many Emotet and Trickbot attacks which are often the precursor to targeted ransomware

3. Trend Micro intercepted over 6.9m phishing emails in 2020, a 19% increase from the previous year. Discounting credential phishing, the number of threats in this category surged 41% over the period. COVID-19 was a common lure, Trend Micro reports, as were big-name brands like Netflix that have become popular during the pandemic. Attackers were typically looking for personal and financial information to monetise

4. Trend Micro detected nearly 5.5m phishing attempts to steal users’ credentials that were allowed through by existing cloud native security filters. This was a 14% increase on 2019 and accounted for the vast majority of detected phishing emails. Attackers are increasingly supplementing these with phone-based vishing attacks

5. Although Business Email Compromise (BEC) detections declined 18% year-on-year, average losses continue to rise — they increased 48% from the first to the second quarter of 2020