May 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in May 2025. The following is a part of the statistics and cases included in the original report. 1) Phishing Email Threat Statistics In May 2025, the most prevalent
April 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in April 2025. The following is a part of the statistics and cases included in the original report. 1) Phishing Email Threat Statistics In March 2025, the most common
XLoader Info-stealer Distributed Using MS Equation Editor Vulnerability (CVE-2017-11882)
AhnLab Security Intelligence Center (ASEC) publishes the information of phishing emails to AhnLab TIP monthly under the title “Trends Report on Phishing Emails.” There are various keywords/topics disguised as phishing, and this blog will cover cases where emails disguised as emails for checking purchases and order confirmations are used to
Malicious LNK Disguised as Notices
AhnLab SEcurity intelligence Center (ASEC) recently discovered a malicious LNK file being distributed to Korean users for the purpose of stealing user information. This type of malware collects various valuable data for threat actors, such as data related to virtual assets, browsers, public certificates, and email files, and it also
March 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in March 2025. The following is a part of the statistics and cases included in the original report. 1. Phishing Email Threat Statistics In March 2025, the most common
Remcos RAT Malware Disguised as Major Carrier’s Waybill
AhnLab SEcurity intelligence Center (ASEC) has recently discovered the Remcos malware disguised as a waybill from a major shipping company. This article details the distribution distribution flow from HTML, JavaScript, and AutoIt scripts leading to the execution of the final Remcos malware. Figure 1 shows the original email with
Phishing Emails Impersonating the National Tax Service (NTS)
AhnLab SEcurity intelligence Center (ASEC) has recently identified phishing emails impersonating the tax authority in Korea called National Tax Service (NTS, also known as Hometax). The email body is disguised as the contents of an electronic tax invoice, and the recipient is asked to open the attached HTML file for
SVG Phishing Malware Being Distributed with Analysis Obstruction Feature
AhnLab SEcurity intelligence Center (ASEC) recently identified a phishing malware being distributed in Scalable Vector Graphics (SVG) format. SVG is an XML-based vector image file format commonly used for icons, logos, charts, and graphs, and it allows the use of CSS and JS scripts within the code. In November 2024,
Trends Report on Phishing Emails in February 2025
1. Statistics on Attachment Threats in February 2025 In February 2025, the most prevalent threat type among phishing email attachments was Phishing (78%). This is the type where threat actors use HTML and other scripts to mimic login pages, advertising page layouts, logos, and fonts to create deceptive pages that
Phishing Email Attacks by the Larva-24005 Group Targeting Japan
AhnLab SEcurity intelligence Center (ASEC) has identified the behavior of Larva-24005 breaching servers in Korea and then establishing a web server, database, and PHP environment for sending phishing emails. Larva-24005 is using the attack base to target not only South Korea but also Japan. The main targets are those
