Two Research Reports Show That Phishing Emails Are Not Only Increasing, But They Are More Dangerous Too

According to Cofense researchers, in their latest State of Email Security Report, the volume of phishing emails sent in 2022 is up 569%.

Using artificial and machine learning analysis, researchers analyzed global network data from 35 million users. The email security report revealed five specific trends:

  • Credential phishing emails: + 478%
  • Top malware gangs: Emotet and QakBot
  • Top cybercrime: BEC
  • Web3 use: +341%
  • Use of Telegram bots for exfiltration: +800%

In data compiled by Open Text Cybersecurity in their 2023 Global Threat Report, researchers revealed that phishing sites detected using HTTPS increased nearly 56%, highlighting that domain authorities are becoming less effective at preventing bad actors from obtaining and using legitimate certificates to enhance their phishing success rates.

Translation: None of this is good if you’re responsible for stopping the bad guys from getting in the door. I have two comments on this, the first is from Dave Ratner, CEO, HYAS:

“Either finding credentials on the dark web or stealing credentials via phishing continues to be one of the main entry points into the enterprise for malicious actors. While MFA and other techniques can help secure this entry point, any approach should be complimented with a Protective DNS solution — bad actors will continue to use social engineering and other approaches to obtain proper credentials, but a Protective DNS solution can and will uniquely identify the anomalous communication that bad actors generate once they get inside, as they beacon out to their command-and-control. This layer of visibility ensures that such breaches can be identified and shut down before they progress into major issues.”

The second is from Morten Gammelgaard, EMEA, co-founder, BullWall

    “The growth here is miniscule compared to what will happen in 2023. The rise of natural language AI, like ChatGPT, will EXPLODE the efficacy of phishing overnight. Threat Actors have just two ways to Phish. Firstly, they can write a form email meant for generic people. This is less effective but it’s a numbers game. You may send out 100,000 thousand of these but you only need one to click. Or you can Spear Phish, that is where you research the email recipient, view their boss on LinkedIn, their vendors they interact with, and write a custom email to trick that single user. Maybe 1 out of 100 of those will be successful. 

   “With AI you get the best of both worlds. Mass email campaigns that are highly targeted at a scale that can produce 100,000 custom attacks instantly. This will explode cybercrime, and there is an arms race between the largest companies on the planet, Google, Apple, Microsoft and others throwing billions of dollars to rush their AI apps out, often putting aside safety and use cases in exchange for being first. They have everything at stake if they lose their footholds. But the Russians and Chinese also are secretly funding billions of dollars into AI, but for Cyber Espionage, Ransom and Attacks. You can’t stop it. You must focus on building your defensive stack, including rapid containment tools on your Endpoints, like Endpoint Detection and Response, and on your Critical Infrastructure and File Shares with tools like Ransomware Containment and Critical Infrastructure monitoring.”

What’s clear from these threat reports is that that these phishing attacks are becoming more sophisticated. Which will make them more dangerous and costly if a multi-faceted approach to defending against them isn’t taken. And the time to act on that front is now.

Leave a Reply

%d bloggers like this: