UK ICO Sees a Massive Increase in Targeted Email Attacks

UK ICO Sees Massive Increase in Targeted Email AttacksNew data obtained from the UK’s Information Commissioner’s Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK’s information rights organization.

When you see massive increases in attacks it means a few things are likely true. First, threat actors are seeing successes via their campaigns and are wanting to double down and see if they can increase their revenues. Second, there are additional players entering the world of cybercrime. And third, the detection mechanisms employed are doing a better job of identifying email-based attacks.

According to data pulled via a Freedom of Information request by Parliament Street, the ICO experienced a huge jump in the number of monthly attacks during 2021. In January, they detected 150K spam and phishing emails. But within the month December, that number rose to over 4.1 million! The breakdown of some of the attacks include:

  • A 2775% increase in spam emails from January to December
  • A 423% increase in malware
  • Only a 20% increase in phishing emails

These immense increases experience by just one organization may very well represent countless others (whose data simply isn’t accessible to the general public). And while it is good news to see that 4.1 million potentially malicious emails were identified, it speaks to a likely increase in the number of spam and phishing emails that get past security solutions and make their way to an Inbox, increasing the risk of attack.

With such massive numbers of emails being sent, it’s imperative that organizations also protect themselves at the most pivotal point in an email-based attack – the point where users interact with the malicious email content. By enrolling users in Security Awareness Training, they can be taught to identify suspicious content and to not engage with links or attachment, thereby nullifying an attack with simple inaction.

Find out which of your users' emails are exposed before bad actors do.

Many of the email addresses and identities of your organization are exposed on the internet and easy to find for cybercriminals. With that email attack surface, they can launch social engineering, spear phishing and ransomware attacks on your organization. KnowBe4's Email Exposure Check Pro (EEC) identifies the at-risk users in your organization by crawling business social media information and now thousands of breach databases.

EECPro-1Here's how it works:

  • The first stage does deep web searches to find any publicly available organizational data
  • The second stage finds any users that have had their account information exposed in any of several thousand breaches
  • You will get a summary report PDF as well as a link to the full detailed report
  • Results in minutes!

Get Your Free Report

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews