Our latest Phishing Threat Trends Report gives a comprehensive oversight into the types of phishing attacks and tactics organizations are facing so far in 2024, from the rise of ‘quishing’ and AI-powered phishing campaigns to the multi-channel approach. In this blog, we look at the key findings from the report, the industries and demographics most at risk, and the evolution of payloads from 2021 to date.
Unless otherwise cited, all statistics in the report have been generated using data from Egress Defend, our integrated cloud email security (ICES) solution that detects the full spectrum of advanced phishing attacks.
The preferred times for phishing attacks
The report reveals that Sunday has become the favored day to receive phishing emails, with 22% of attacks sent on this day, closely followed by Friday at 19%. In addition, February 9th has emerged as the most phished day of the year so far.
Target profile: Who's in the crosshairs?
Millennials lead the pack as the primary target group for phishing attacks, with Gen X closely on their heels. When dissecting by occupation, CEOs are the most targeted job role, with financial and accounting professionals following suit. Several industries are under siege, with attackers setting their sights predominantly on finance, legal, and healthcare sectors.
Technical evasion techniques
An unsettling 20.2% of phishing emails employed technical measures to evade Microsoft 365 and secure email gateway detection. The report also highlights a prevalent technique, with a staggering 77.2% of impersonation attacks masquerading as well-known brands – Docusign and Microsoft being at the top of the list.
A new wave of phishing: QR codes and payload evolution
QR code phishing or "quishing" has skyrocketed, making up only 0.8% of phishing email payloads in 2021 to a whopping 10.8% in the past three months. Our analysts believe the quishing boom will continue until organizations have implemented effective countermeasures against this type of attack, which will force cybercriminals to revert to other tactics.
When it comes to phishing payloads, ransomware's prevalence has doubled since 2021, showing a sharp contrast against malware which has seen a significant decline in the same period. Currently, ransomware constitutes 32.6% of attachment-based payloads, and malware sits at 30.6%.
Multi-channel attacks
Attackers are not restricting themselves to one mode of communication, but instead are utilizing multiple channels to send a follow-up attack and increase their chances of success. Following an initial phishing email being sent to the target, Microsoft Teams was the most popular second step, accounting for 30.8% of attacks, followed by Slack (19.2%), and SMS (18.6%).
AI in the hands of cybercriminals
A significant worry this year is the continued emergence of AI-powered attacks, with the 2024 Email Security Risk Report finding that 63% of Cybersecurity leaders are concerned about the use of deepfakes in cyberattacks and 61% are worried about cybercriminals using generative AI chatbots to enhance their phishing campaigns.
With AI potentially playing a crucial role in identifying targets, drafting convincing phishing emails, and creating malware payloads, its capability to magnify the scale and personalization of attacks is unprecedented. So much so that our Threat Intelligence team believes that in the near future, some form of AI will be used in the majority of phishing attacks.
Bypassing secure email gateways (SEGs)
From January to March 2024, there has been an alarming 52.2% spike in attacks evading SEG detection, with 68.4% of these managing to pass essential authentication checks like DMARC. These frequently originate from compromised third-party accounts, some within the target's own supply chain – emphasising why many organizations are rapidly investing in integrated cloud email security (ICES) products that can detect a broader spectrum of phishing attacks.
The Egress approach
Our latest Phishing Threat Trends Report offers a sobering glance into the multifaceted world of phishing strategies so far in 2024. It reveals a clear escalation in attack sophistication, leveraging both traditional vulnerabilities and innovative tactics like AI-generated attacks and multi-channel approaches. This is pushing many organizations to consider replacing their SEG with and ICES solution that is able to identify and neutralize against the most advanced threats.
An integrated cloud email security solution, Egress Defend delivers AI-powered behavioral-based detection to eliminate the attacks that get through Microsoft 365’s native security and secure email gateways. Leveraging zero-trust and pre-generative models, Defend provides the highest efficacy of detection against sophisticated threats, including zero-day and emerging attacks, phishing emails sent from compromised accounts, and social engineering. Using dynamic banners applied to neutralized threats, Defend provides real-time teachable moments that continually ‘nudge’ employees into good security behaviors to tangibly reduce risk and augment security awareness. Book a demo with our team of experts today.
To read the full report, download your copy here.