Sophisticated phishing campaigns bypass enterprise secure email gateways

A new report from Cofense based on data from its Phishing Detection Center identifies over 1.5 million malicious emails bypassing customers' secure email gateways (SEGs), a 37 percent increase in threats compared to 2022.

The report shows that SEGs struggle to keep pace with sophisticated phishing campaigns and that relying on 'good enough' email security is no longer an option for most enterprises.

"The data we present in this report speaks directly about the escalating sophistication of cyber threats, which demand a different approach to effective email security. Cofense remains committed to providing enterprise solutions to keep up with evolving threats," says David Van Allen, CEO of Cofense.

In particular SEGs are struggling to keep pace with the rapidly evolving nature of phishing campaigns, evidenced by a 104.5 percent increase in the number of malicious emails bypassing SEGs in 2024.

Credential phishing, the preferred method of threat actors, has also seen a 67 percent increase in volume compared to the previous year. Other top trends in 2023 include an increase in tactics like vishing, smishing, brand impersonation, and QR code phishing that bypass SEGs. Cofense reports a 331 percent increase in QR code active threat reports (ATRs) last year.

Healthcare and finance remain the top targeted industries -- increases in malicious emails bypassing SEGs in those industries are at 84.5 percent and 118 percent, respectively. Also new malware families, including DarkGate and PikaBot, have emerged to fill the gap left by the FBI's dismantling of the Qakbot infrastructure.

The report also highlights a new phishing tactic using Google Accelerated Mobile Pages (AMP) which is proving highly successful. Cofense reports a 1,092 percent increase in Google AMP emails bypassing secure email gateways in the last six months of 2023.

Business Email Compromise (BEC) remains one of the most devastating cybercrimes, with scammers exploiting conversational-based phishing attacks. Traditional defenses often fail to catch these, resulting in billions of dollars being stolen annually.

There will be a webinar to present the findings on February 21st at 11am ET and you can get the full report from the Cofense site.

Image Credit: Jurgen Priewe / Shutterstock