Analysis of the second half of 2023 shows attackers are getting more aggressive with email-based phishing attacks in both frequency and execution.
Until there’s a catch-all way to stop malicious emails from being an effective means of initial attack, phishing will continue to grow as the primary initial attack vector for cybercriminals. According to Acronis’ newly-released Cyberthreats Report, H2 2023, the second half of last year saw a massive increase over the same time the previous year – a 222% increase.
Some interesting details about these attacks paint a picture of how phishing is being used:
- 78% of malicious emails were part of a phishing attack (as opposed to a BEC, malware, or advanced attack)
- 91% of organizations have faced AI-enhanced phishing attacks
- The number of attachments and URLs in malicious emails rose by 15%, with the average malicious email containing 2.7
As we look for what to expect in 2024 we should be preparing for continued growth in phishing attacks, the use of AI to make these attacks more convincing and effective, and more opportunities for recipients of such emails to engage with malicious content.
Even Acronis acknowledges that “human error remains a significant contributor”, putting security awareness training in the spotlight as an impactful way to minimize the risk introduced by the apparent growth we should expect in 2024.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.