Social engineering news review

1
Phishing Statistics: Think twice before clicking
This article contains excerpts from various reports offering statistics and analysis of the current state of phishing attacks.

---

AI-based phishing attacks mislead even experienced users
**Source: Zscaler | Zscaler ThreatLabZ Phishing Report 2024 | May 2024**


In 2023, the United States (55.9%), the United Kingdom (5.6%) and India (3.9%) were the countries most targeted by phishing attacks. The financial and insurance sectors recorded the largest number of phishing attempts, a 393% increase over the previous year.


---

Artificial Intelligence and the future of phishing
**Source: Egress | Phishing Threat Trends Report for 2024 | April 2024**

Millennials are the main target of phishing attacks, receiving 37.5% of all phishing emails. CEOs are the most frequently targeted role, and 13.4% of attacks impersonate people familiar to the victim, such as senior executives.

---

The Evolution of Image Phishing tactics
**Source: IRONSCALES and Osterman Research | Protection against attacks based on images and QR codes | March 2024**

Although 70% of organizations are confident in their defenses against image-based and QR-code attacks, 76% have been compromised by one in the last 12 months. 93% of specialists are aware of image-based attacks, and 79% are aware of QR-code attacks.

---

Difficulties in detecting phishing using LLM
**Source: LastPass | Fighting Social Engineering in 2024 | March 2024**

More than 95% of respondents believe that dynamic content generated by large language models makes phishing harder to detect. Although 88% are confident in their testing programs, only 16% of users identify 75-100% of suspicious activity.

---

A sharp increase in attacks after the launch of ChatGPT
**Source: Enea | Mobile Network Security: Bridging the Gap between Enterprise Needs and CSP Capabilities | February 2024**

Since the launch of ChatGPT in November 2022, the number of fraudulent and phishing attacks has increased by 1,265%.

---

Consequences of risky actions
**Source: Check Point | The state of phishing in 2024 | February 2024**

The share of organizations hit by a successful phishing attack has decreased (71% in 2023 versus 84% in 2022), but the negative consequences have grown: financial penalties have increased by 144% and reputational damage by 50%.

---

Problems with secure mail gateways
**Source: Cofense | Annual Email Security Status Report for 2024 | February 2024**

Email remains the main vector of cybercrime: 90% of data leaks are related to phishing. Attacks on credentials increased by 67% compared to last year.

---

Clean links and sophisticated attacks
**Source: VIPRE Security | Email Security in 2024: an Expert View | February 2024**

Phishing emails use links in 71% of cases. The sectors most vulnerable to phishing are financial services (22%), IT (14%), healthcare (14%), education (10%) and government (8%).


2
The number of AI-driven phishing attacks has increased by 60%
Zscaler, a company specializing in cloud security, has released the Zscaler ThreatLabZ phishing report for 2024. The report states that in 2023 the number of AI-driven phishing attacks increased by 60%, and that Australia was one of the most affected countries.


The report draws on two billion phishing transactions blocked by the Zscaler Zero Trust Exchange platform between January and December 2023; in that data, Australia ranks among the top ten countries serving as sources of phishing attacks.

"The potential of artificial intelligence is changing the landscape of cyber threats and redefining opportunities in the world of cyber attacks, especially phishing scams. There have been 29,427,987 phishing attempts in Australia, which highlights the scale of the threat," said Eric Swift, ANZ vice president at Zscaler. "Phishing remains a constant threat, and with the advent of new technologies, it is extremely important for organizations to understand the best methods of protection against phishing attacks. The results show that a proactive approach with zero trust and the use of advanced artificial intelligence capabilities is necessary to combat new threats."

Key findings of the report include:

- An increase in vishing (voice phishing) and deepfake phishing attacks, in which attackers use generative AI to enhance social engineering tactics.

- Australia is among the top ten countries, along with the United States, Great Britain, India and Germany, that have become targets of phishing scams.

- In Australia, the volume of phishing content increased by 479.3%.

- The manufacturing sector has become the most vulnerable in Australia, Korea, Malaysia, Singapore and Taiwan.


In 2023, there were 5,984,195 phishing attacks in the manufacturing sector and 5,776,337 attacks in the service sector in Australia. Other industries affected include technology, public administration, education, finance, insurance, retail and wholesale.


The United States (55.9%) topped the list of countries with the highest number of phishing attacks, followed by the United Kingdom (5.6%) and India (3.9%). The high prevalence of phishing in the United States is explained by the developed digital infrastructure and the widespread use of online financial transactions. Most of the attacks originated from the United States, Great Britain and Russia, while Australia entered the top 10 due to an increase in phishing content by 479% compared to the previous year.

The financial and insurance sectors recorded the largest number of phishing attempts, which is 393% more than in the previous year.


3

New Phishing Techniques: Cloudflare Workers, HTML Smuggling and Artificial Intelligence
Cybersecurity experts have identified new phishing campaigns in which attackers use Cloudflare Workers to host phishing sites. These sites are designed to harvest user credentials for popular webmail services such as Microsoft, Gmail, Yahoo! and cPanel.


The method, known as transparent phishing or an attacker-in-the-middle (AitM) attack, uses Cloudflare Workers as a reverse proxy in front of legitimate login pages, intercepting traffic between the victim and the real login page to steal credentials, cookies and session tokens, as Netskope researcher Jan Michael Alcantara noted in his report.


Over the past 30 days, most of the phishing campaigns hosted on Cloudflare Workers have targeted victims in Asia, North America and Southern Europe, across industries such as technology, financial services and banking.


The company observed a significant increase in traffic to phishing pages hosted on Cloudflare Workers starting in the second quarter of 2023. The number of distinct domains grew from just over 1,000 in the fourth quarter of 2023 to almost 1,300 in the first quarter of 2024.

These campaigns use HTML smuggling, a technique in which malicious JavaScript assembles the malicious content on the client side, in the victim's browser, so that it never crosses the network as a recognizable file and slips past perimeter security controls.

A distinctive feature is that the phishing page is reconstructed and displayed to the user in a web browser, creating the illusion of legitimacy.

The phishing page prompts the victim to log into Microsoft Outlook or Office 365 (now Microsoft 365) to view a fake PDF document. If the victim enters their credentials, fake login pages hosted on Cloudflare Workers collect this data, including multi-factor authentication (MFA) codes.

"The phishing page was created using a modified version of the open Cloudflare AitM toolkit," said Michael Alcantara. "When the victim enters their credentials, they get to a legitimate site, and the attacker receives tokens and cookies, as well as access to any further actions of the victim."

HTML smuggling is increasingly used by attackers as a delivery method precisely because it circumvents modern security controls: it lets them serve fraudulent HTML pages and other malware without raising alarms at the gateway.

In one of the cases described by Huntress Labs, a fake HTML file was used to embed an iframe of a legitimate Microsoft authentication portal extracted from a domain controlled by an attacker.
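The defensive counterpart to the HTML smuggling behaviour described above is to inspect HTML attachments and landing pages for the client-side assembly chain (decode an embedded blob, wrap it in a Blob or object URL, force a download) and for login portals framed from an unrelated origin. The scanner below is an added example written for this page, not code from Netskope, Huntress or Cloudflare; the indicator list, weights and threshold are the author's own assumptions, and both HTML fixtures are constructed.

```python
import re

# Indicators that HTML-smuggling pages tend to combine: an embedded encoded
# blob decoded in the browser, assembled into a Blob, handed to the user as a
# download; or a legitimate login portal framed from an unrelated page.
INDICATORS = {
    "base64_decode":   re.compile(r"\batob\s*\("),
    "blob_assembly":   re.compile(r"\bnew\s+Blob\s*\("),
    "object_url":      re.compile(r"URL\.createObjectURL\s*\("),
    "forced_download": re.compile(r"\.download\s*=|\bdownload\s*=\s*[\"']"),
    "ms_save_blob":    re.compile(r"msSaveOrOpenBlob"),
    "large_literal":   re.compile(r"[\"'][A-Za-z0-9+/=]{200,}[\"']"),
    "external_iframe": re.compile(r"<iframe[^>]+src\s*=\s*[\"']https?://", re.I),
}
# Assumed weights: a full decode-and-download chain is far more telling than
# any single API call, which also appears in ordinary pages.
WEIGHTS = {"base64_decode": 2, "blob_assembly": 2, "object_url": 2,
           "forced_download": 2, "ms_save_blob": 3, "large_literal": 2,
           "external_iframe": 3}
THRESHOLD = 6  # assumed cut-off for flagging a document for analyst review

def scan_html(html: str) -> dict:
    """Return which indicators fired, a weighted score and a verdict."""
    hits = [name for name, rx in INDICATORS.items() if rx.search(html)]
    score = sum(WEIGHTS[h] for h in hits)
    # Chain bonus: decode + Blob/object URL + forced download together is
    # the smuggling pattern, so it scores higher than the parts alone.
    if "base64_decode" in hits and "forced_download" in hits and \
       ("blob_assembly" in hits or "object_url" in hits):
        score += 3
    return {"hits": hits, "score": score, "suspicious": score >= THRESHOLD}

# Constructed fixture (not from any real campaign): the decode/Blob/download
# chain with a placeholder string that merely decodes to "ABCDEFG".
SMUGGLING_SAMPLE = """<html><body><script>
var data = atob("QUJDREVGRw==");
var blob = new Blob([data], {type: "application/octet-stream"});
var a = document.createElement("a");
a.href = URL.createObjectURL(blob);
a.download = "statement.pdf";
a.click();
</script></body></html>"""

# Constructed fixture: an ordinary page that uses atob for a harmless purpose.
BENIGN_SAMPLE = """<html><body>
<script>document.title = atob("SGVsbG8=");</script>
<p>Quarterly newsletter</p></body></html>"""

if __name__ == "__main__":
    for label, doc in (("smuggling", SMUGGLING_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, scan_html(doc))
```

The benign page fires only the `atob` indicator and stays below the threshold, while the smuggling fixture trips the whole chain; in a mail gateway or sandbox pipeline the verdict would route the attachment to detonation rather than block outright.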

Given these growing threats, it is important to train employees to recognize the signs of phishing and to understand current attack methods: how to identify suspicious emails, links and websites, and what precautions to take before entering credentials. Regular training and simulated phishing exercises can significantly raise employee awareness and resilience to such attacks.