Security Magazine wrote this week about the recent eye-opening SlashNext State of Phishing report. SlashNext analyzed billions of link-based URLs, attachments, and natural language messages in email, mobile and browser channels over six months in 2022 and found more than 255 million attacks —a 61% increase in the rate of phishing attacks compared to 2021.
The SlashNext State of Phishing Report for 2022 findings highlights that previous security strategies, including secure email gateways, firewalls, and proxy servers, are no longer stopping threats, especially as bad actors increasingly launch these attacks from trusted servers and business and personal messaging apps.
Key findings of the report include:
- Cybercriminals are moving their attacks to mobile and personal communication channels to reach employees. SlashNext recorded a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.
- In 2022, they detected an 80% increase in threats from trusted services such as Microsoft, Amazon Web Services or Google, with nearly one-third (32%) of all threats now being hosted on trusted services.
- 54% of all threats detected in 2022 were zero-hour threats, showing how hackers are shifting tactics in real-time to improve success
- 76% of threats were targeted spear phishing credential harvesting attacks
- The top 3 attack sectors are Healthcare, Professional and Scientific Services, and Information Technology.
People are the most vulnerable part of an organization when it comes to phishing, scams, and fraud. They are also the most unprotected across all communication channels. For hackers, phishing is the most effective and far-ranging tool to perpetrate cybersecurity breaches, including lucrative ransomware and data theft.
Information in this article was provided by our partners at KnowBe4.