New data shows Phishing, Vishing, Social Media attacks, and Microsoft 365 credential attacks are all on the rise as more users are demonstrating savviness around identifying malicious content.
I like hearing that more employees are “getting it” and are being vigilant when interacting with email. But it’s equally important to understand why. Is it because users are paying more attention, because there are more attacks, or both. The information found within PhishLabs’ latest Quarterly Threat Trends & Intelligence Report has a lot to say about the increasing state of cyberthreats and how users are reacting to them. According to the report:
- Phishing volume is up nearly 32% year-over-year
- Vishing incidents have more than doubled for the second consecutive quarter
- Social Media threats are up 82% from January
So, it’s evident that attacks are increasing. Important to note, credential theft is also on the rise:
- 59% of reported corporate emails were Credential Theft attempts
- Of those, over half (51.6%) of the attacks reported targeted Microsoft 365 accounts
All this means you should be expecting more attacks from every possible threat vector in the near future. And while it appears from the PhishLabs data that more employees are reporting emails as being potentially malicious, they do report that the average employee within an organization only reports 3.3 suspicious emails per year. Considering, roughly one in every 300 emails is a phishing attack, there’s probably many more phishing emails that potentially can (and do) get through to the users Inbox.
It’s only through Security Awareness Training that users become more effective in identifying suspicious emails that may be harmful to the organization. And, while I’m happy to see the massive increase in employees reporting malicious emails, like me, you should want to see that percentage of vigilant employees in your organization be even higher.
Here's how it works:
