This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape.
AI-driven phishing attacks deceive even the most aware users
Zscaler | Zscaler ThreatLabz 2024 Phishing Report | May 2024
- In 2023, the United States (55.9%), United Kingdom (5.6%) and India (3.9%) emerged as the top countries targeted by phishing scams.
- The finance and insurance sector experienced the highest number of overall phishing attempts, amounting to a 393% increase of attacks from the previous year.
AI set to play key role in future phishing attacks
Egress | 2024 Phishing Threat Trends Report | April 2024
- Millennials are the top targets for phishing attacks, receiving 37.5% of phishing emails.
- Unsurprisingly, the most targeted job role is the CEO and 13.4% of phishing attacks impersonated someone the victim knew such as CEOs and senior leadership.
Image-based phishing tactics evolve
IRONSCALES and Osterman Research | Fortifying the Organization Against Image-Based and QR Code Attacks | March 2024
- While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months.
- 93% of IT and security professionals are aware of image-based phishing attacks targeting their organizations, and 79% say the same about QR code attacks.
95% believe LLMs making phishing detection more challenging
LastPass | Combatting Social Engineering in 2024 | March 2024
- More than 95% of respondents believe dynamic content through Large Language Models (LLMs) makes detecting phishing attempts more challenging.
- While 88% of respondents feel confident in their phishing testing programs, only 16% of users identify 75-100% of suspicious activity within these phishing testing programs.
Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT
Enea | Mobile network security: Bridging the gap between enterprise needs and CSP capabilities | February 2024
- Since the launch of ChatGPT in November 2022, vishing, smishing, and phishing attacks have increased by a staggering 1,265%.
Understanding employees’ motivations behind risky actions
Proofpoint | 2024 State of the Phish | February 2024
- And while the incidence of successful phishing attacks has slightly declined (71% of surveyed organizations experienced at least one successful attack in 2023 versus 84% the previous year), the negative consequences have soared: a 144% increase in reports of financial penalties, such as regulatory fines, and a 50% increase in reports of reputational damage.
Secure email gateways struggle to keep pace with sophisticated phishing campaigns
Cofense | 2024 Annual State of Email Security Report | February 2024
- Email remains the primary attack vector for cybercrime, with 90% of data breaches originating from phishing attacks aimed at employees.
- Credential phishing, the preferred method of threat actors, also saw a staggering 67% increase in volume compared to the previous year.
Clean links and sophisticated scams mark new era in email attacks
VIPRE Security | Email Security in 2024: An Expert Look at Email-Based Threats | February 2024
- When it comes to phishing, 71% of emails are still using links as their primary bait.
- Financial services (22%) was the most targeted sector by phishing and malspam emails, followed by information technology (14%), healthcare (14%), education (10%), and government (8%).
Organizations need to switch gears in their approach to email security
Egress | 2024 Email Security Risk Report | February 2024
- Leaders are taking a tough stance with employees caught by phishing attacks with negative outcomes for the people involved happening in 74% of companies.
- Additionally, 51% of organizations fell victim to phishing attacks sent from compromised accounts within their supply chain in the last 12 months.
This post was originally published on the 3rd party site mentioned in the title of this this site