Articles about Phishing

A new report has identified a 356 percent growth in the number of advanced phishing attacks attempted by threat actors in 2022.

The study from threat detection specialist Perception Point also shows that the overall number of attacks increased by 87 percent.

Continue reading →

The latest spear phishing trends report from Barracuda Networks shows that 50 percent of organizations studied were victims of spear-phishing in 2022, with 24 percent having at least one email account compromised through account takeover.

The report draws on a data set that comprises 50 billion emails across 3.5 million mailboxes, including nearly 30 million spear-phishing emails, as well as a survey by Vanson Bourne of IT professionals from frontline to the most senior roles at 1,350 companies.

Continue reading →

The majority of cyberattacks are made possible by some degree of human error. Phishing emails and social engineering continue to dominate as the most common delivery systems for an attack.

We spoke to Mika Aalto, CEO and co-founder at Hoxhunt, about why a human-focused cyber-strategy is the key to success in combating attacks, about the initiatives that organizations can implement to establish this and how he expects human-related cyber-attacks to evolve.

Continue reading →

The first quarter of 2023 has seen a significant increase in cyberattacks looking to exploit trust in established tech brands like Microsoft and Adobe.

A new report from Avast also finds a 40 percent rise in the share of phishing and smishing attacks over the previous year. Overall, two out of three threats people encounter online now seek to use social engineering techniques, taking advantage of human weaknesses.

Continue reading →

U.S. taxpayers beware! Tax scams and malware attacks are running rampant as we approach this year's tax deadline -- mostly driven by phishing scams.

With the looming April 18 US tax deadline, cybercriminals have sprung into action. For one, a devious Emotet malware phishing campaign has been launched, masquerading as official W-9 tax form emails sent from the Internal Revenue Service (IRS) and companies that may be connected to your work life. A malicious group known as Tactical#Octopus is also on the prowl and looking to spread malware through fake file downloads claiming to be related to taxes.

Continue reading →

Phishing attack volumes increased by 102 percent in the first quarter of 2023 according to a new report from email security and threat detection company Vade.

In the first quarter of this year Vade detected 562.4 million phishing emails, passing the previous quarter's total by 284.8 million. January accounted for the highest volume of phishing emails in Q1 with 488.5 million.

Continue reading →

Business Email Compromise attacks increased dramatically last year with a 72 percent rise year-on-year over 2021.

The 2023 Email Security Threat Report from Armorblox shows high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries.

Continue reading →

New research from cybersecurity AI company Darktrace shows a 135 percent increase in social engineering attacks using sophisticated linguistic techniques, including increased text volume, punctuation, and sentence length, and with no links or attachments.

This trend suggests that generative AI tools, such as ChatGPT, are enabling threat actors to craft sophisticated and targeted attacks at speed and at scale.

Continue reading →

A new report shows that 2022 saw a 569 percent increase in malicious phishing emails and a 478 percent increase in credential phishing-related threat reports published.

The report from Cofense also looks at emails bypassing SEGs and hitting users' inboxes and highlights that delivery methods for carrying out phishing campaigns continue to keep up with the advancement of technology. Cofense has witnessed a continued blending of tactics to make detection and mitigation even more difficult for organizations.

Continue reading →

As news of Silicon Valley Bank’s (SVB) collapse continues to dominate the headlines, cybercriminals are running phishing campaigns impersonating SVB and other financial institutions, including M-F-A and Bloomberg.

Responding quickly to the 24-hour news cycle, cybercriminals aim to leverage their victims’ potential distress over their financial situation to make them more susceptible to this type of attack.

Continue reading →

There's been a fair bit of hype recently surrounding the potential for ChatGPT and similar tools to be used for creating phishing campaigns, eliminating the typos and other errors that are the giveaways of a scam.

However, new research from Hoxhunt suggests that AI might not be quite so good at going phishing after all.

Continue reading →

With 70 percent of government workers reporting that they work virtually at least some of the time, a new survey shows some worrying trends.

The report from Ivanti finds five percent of government workers have fallen victim to a phishing attempt. However, 34 percent don't believe their actions impact their organization's ability to stay safe.

Continue reading →

Threat protection company Vade has released its latest Phishers' Favorites report for 2022 which finds that financial services is the most impersonated industry, accounting for 34 percent of phishing pages as attackers continue to follow the money.

There are also seven finance brands in the top 20, with PayPal, MTB, Crédit Agricole, and La Banaque Postale all securing a spot in the top 10.

Continue reading →

The latest Annual Trends Report from Jamf, based on a sample of 500,000 devices protected by the company's technology, looks at the threats impacting devices used in the modern workplace and finds social engineering tops the list.

The combination of an increasingly distributed workforce with the relative ease with which bad actors can carry out phishing campaigns, leads to the leakage of user credentials. In 2022, 31 percent of organizations had at least one user fall victim to a phishing attack.

Continue reading →

According to data from Lookout, 2022 has seen the highest percentage of mobile phishing encounter rates ever, with an average of more than 30 percent of personal and enterprise users exposed to these attacks every quarter.

Since 2021, mobile phishing encounter rates have increased by around 10 percent for enterprise devices and more than 20 percent for personal devices.

Continue reading →