New data shows that cybercriminals started this year off with a massive effort using new techniques and increased levels of attack sophistication.
According to cybersecurity vendor Vade’s Q1 2023 Phishing and Malware Report, the number of phishing attacks in Q1 this year reached the highest total since 2018. While January represented the lion’s share of Q1 phishing volume (approximately 87%), Vade detected over 562 million phishing emails.
This substantial push in January was not without its own trends. According to Vade, the use of malware declined by 13% from the same period last year, representing around 52 million detected instances.
What is not surprising is the focus on targeting credential theft of productivity suites, including Microsoft 365. Vade did note the creative use of YouTube attribution links being used as redirects, CAPTCHA to avoid being detected by security solutions, and obfuscated IPFS Decentralized Networks addresses (via Google Translate) all to ensure engaged victims make their way to the spoofed productivity suite login page to steal their credentials.
With phishing continuing to grow in frequency, sophistication and focused targeting of simple credentials, it’s necessary for your organization to ensure its’ users recognize these attacks the moment they see them – something taught through continual new school Security Awareness Training.
