Email security, Phishing

Commercial spam and phishing attacks increasingly leverage trusted platforms

Trusted email platforms are now the easiest entry point for attackers, with spam actively driving successful phishing attacks by blending into everyday communication flows, according to a recent report by Tech Radar.

Commercial spam now constitutes 46% of all spam globally, with a significant portion originating from compromised accounts and free email services, according to VIPRE Security Group's Q1 2026 Email Threat Trends Report. The United States is both the primary source of this spam infrastructure and the top target. Attackers are exploiting user fatigue caused by overflowing inboxes, making individuals more susceptible to phishing attempts. Malicious links are the most common weapon in these phishing campaigns, appearing in over half of all analyzed emails. To evade detection, cybercriminals are increasingly using trusted domains and services like Cloudflare, hiding phishing links behind protection systems.

Callback phishing, using tactics like fake invoices or urgent alerts, is also gaining traction. Free email providers have little incentive to aggressively filter commercial spam, as it can drive user engagement metrics, leading to even the best secure email tools struggling against threats that appear to come from legitimate sources.

Source: Tech Radar

Related

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Bring Your Own Device (BYOD)EavesdroppingEmail SpoofingInternet Message Access Protocol (IMAP)Post Office Protocol, Version 3 (POP3)SpamStore-and-Forward

You can skip this ad in 5 seconds