January 2026 Phishing Email Trends Report
This report provides the distribution quantity, statistics, trends, and case information on phishing emails and email threats collected and analyzed for one month in January 2026. The following are some statistics and cases included in the original report. 1) Phishing Email Threat Statistics In January 2026, the most prevalent threat
November 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case information on the distribution volume, attachment threats, and other aspects of phishing emails collected and analyzed for one month in November 2025. The following are some of the statistics and cases included in the original report. 1) Statistics of Phishing Email Threats In
October 2025 Trends Report on Phishing Emails
This report provides the statistics, trends, and case information on the distribution of phishing emails and attachment-based threats collected and analyzed for one month in October 2025. Below is a portion of the statistics and cases included in the original report. 1) Statistics of Phishing Email Threats In October 2025,
September 2025 Trends Report on Phishing Emails
This report provides the statistics, trends, and case information on the distribution quantity, attachment-based threats, and phishing emails collected and analyzed for a month in September 2025. Below is a portion of the statistics and cases included in the original report. 1) Statistics of phishing email threats In September 2025,
DBatLoader (ModiLoader) Being Distributed to Turkish Users
Recently, AhnLab SEcurity intelligence Center (ASEC) has identified cases of the ModiLoader (DBatLoader) malware being distributed via email. ModiLoader ultimately executes SnakeKeylogger. SnakeKeylogger is an Infostealer-type malware developed in .NET. It is known for its data exfiltration methods using emails, FTP, SMTP, or Telegram. Figure 1 shows the email being
Remcos RAT Malware Disguised as Major Carrier’s Waybill
AhnLab SEcurity intelligence Center (ASEC) has recently discovered the Remcos malware disguised as a waybill from a major shipping company. This article details the distribution distribution flow from HTML, JavaScript, and AutoIt scripts leading to the execution of the final Remcos malware. Figure 1 shows the original email with
Distribution of LockBit Ransomware and Vidar Infostealer Disguised as Resumes
The distribution method involving the impersonation of resumes is one of the main methods used by the LockBit ransomware. Information related to this has been shared through the ASEC Blog in February of this year. [1] In contrast to the past where only the LockBit ransomware was distributed, it has
Phishing Script File Breaching User Information via Telegram Being Distributed
AhnLab Security Emergency response Center (ASEC) has recently identified circumstances of multiple phishing script files disguised as PDF document viewer screens being distributed as attachments to emails. A portion of the identified file names are as below, and keywords such as purchase order (PO), order, and receipt were used. New
ASEC Weekly Phishing Email Threat Trends (April 30th, 2023 – May 6th, 2023)
AhnLab Security Emergency response Center (ASEC) monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and honeypot. This post will cover the cases of distribution of phishing emails during the week from April 30th, 2023 to May 6th, 2023 and provide statistical information on each type. Generally,
ASEC Weekly Phishing Email Threat Trends (April 16th, 2023 – April 22nd, 2023)
AhnLab Security Emergency response Center (ASEC) monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and honeypot. This post will cover the cases of distribution of phishing emails during the week from April 16th, 2023 to April 22nd, 2023 and provide statistical information on each type. Generally,
