The latest data from Comcast Business’ analysis of over 23.5 billion cyber attacks on their business customers shows the importance and role of phishing in attacks.
Over the years there has been a consistent mantra, where everyone agrees that “90-something” percent of cyber attacks start with phishing. There have been plenty of sources that corroborate this using percentages in the 90th percentile, but the overall message is phishing is your greatest Initial Access tactic.
The latest data in the 2023 Comcast Business Cybersecurity Threat Report continues to agree with the phishing sentiment, stating that 89.46% of cyber attacks on their customers begin with a phishing attack.
As the report states, “It’s popular because it works.”
Of the 23.5 billion attacks, Comcast identified nearly 2 billion phishing attacks designed to gain initial access through harvesting credentials. In addition, they identified frequently-used malware intent on stealing credentials. 34% of such attacks used spoofed websites to steal credit card details and credentials, 60% used keylogger, trojan, and infostealer malware to obtain credentials, and 6% used malicious documents requiring user interaction.
Regardless of the methodology, the goal is clear – cybercriminals need credentials to gain initial access, to escalate privileges, to move laterally, and to access data. It’s equally clear that phishing is the method of choice to obtain these credentials, making it necessary for organizations to elevate their user’s state of vigilance – something taught with security awareness training – to avoid engaging with malicious content in emails that would trigger the beginning of a cyberattack, even if the goal is to just capture credentials.
Here's how it works:
