London, UK – 3rd October 2024 – The 2024 Phishing Threat Trends Report by Egress, a renowned cybersecurity business and subsidiary of software firm KnowBe4, highlights notable changes in phishing strategies.
The research shows a 28% increase in phishing emails between Q1 vs Q2 2024. Moreover, 74.8% of phishing toolkits mention artificial intelligence as a key driver, while an alarming 82% of them mention deep fakes.
The report emphasizes that cybersecurity teams globally are being overrun by commodity phishing assaults, which are powered by mass impersonation, having increased by 2,700%.
The report found that hyperlinks make up the majority of these campaigns’ payloads (72.3%), which redirect users to more advanced threats while 14% made use of QR codes.
To make matters worse, APT (advanced persistent threat) campaigns have become more complicated as well with 52.5% of them being reported as zero-day assaults.
The cybersecurity firm also said that impersonation was key to phishing methods, with 89% of phishing emails employing fictitious identities. The most impersonated brands are Adobe and Microsoft, with 14.9% of assaults simply using social engineering and had no malicious payload.
Another concern emphasized by the report was the growing commoditization of AI in phishing toolkits. According to Jack Chapman, SVP of Threat Intelligence at Egress,
“One of the most troubling findings is the rapid commoditisation of AI in phishing toolkits, which is putting advanced threats into the hands of less sophisticated cybercriminals.”
He urged organisations to adopt advanced AI measures to successfully counter evolving cyber threats. The report showcased the current state of phishing and likened fighting fire with fire by tackling new AI-powered vulnerabilities with AI-powered cybersecurity practices.
Source: https://pages.egress.com/whitepaper-phishing-trends-threat-report-04-24.html