New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations

Cybercriminals never sleep, and their aim keeps getting better.

According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a staggering 112.4% between April 2023 and April 2024. Meanwhile, US organizations weren't spared either, with phishing attempts increasing by 91.5% over the same period.

Phishing may be an old-school social engineering tactic, but it's no joke. At its core, phishing is all about tricking people into handing over their credentials or inadvertently installing malware.

Once cybercriminals have that initial access, they can pull off all sorts of dastardly deeds - data theft, ransomware, you name it.

The FBI's Internet Crime Complaint Center (IC3) data confirms phishing's lasting appeal to cybercriminals, despite not being the most lucrative attack type. Why? Because phishing is the perfect opening act, granting that crucial initial foothold for crooks to raise the curtain on bigger attacks.

Business Email Compromise (BEC) Escalates

According to Abnormal's report, threat actors have been especially busy cooking up slick business email compromise (BEC) scams. For US enterprises, BEC incidents surged by 72.2% year-over-year, while European businesses endured a 123.8% spike.

A nasty subset called vendor email compromise (VEC) is gaining steam too. With VEC, fraudsters impersonate trusted vendors to dupe employees into paying bogus invoices, updating banking info, or initiating wire transfers to criminal accounts.

Don't Get Hooked: Constant Security Awareness Training is Key

Phishing's upward swing reminds us that new-school security awareness training is more crucial than ever. Your employees are the first line of defense against phishing - so empower them! Ensure they know the latest phishing red flags and can spot even the most persuasive lures.

Infosecurity Magazine has the full story.