New data obtained from the UK’s Information Commissioner’s Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK’s information rights organization.
When you see massive increases in attacks it means a few things are likely true. First, threat actors are seeing successes via their campaigns and are wanting to double down and see if they can increase their revenues. Second, there are additional players entering the world of cybercrime. And third, the detection mechanisms employed are doing a better job of identifying email-based attacks.
According to data pulled via a Freedom of Information request by Parliament Street, the ICO experienced a huge jump in the number of monthly attacks during 2021. In January, they detected 150K spam and phishing emails. But within the month December, that number rose to over 4.1 million! The breakdown of some of the attacks include:
- A 2775% increase in spam emails from January to December
- A 423% increase in malware
- Only a 20% increase in phishing emails
These immense increases experience by just one organization may very well represent countless others (whose data simply isn’t accessible to the general public). And while it is good news to see that 4.1 million potentially malicious emails were identified, it speaks to a likely increase in the number of spam and phishing emails that get past security solutions and make their way to an Inbox, increasing the risk of attack.
With such massive numbers of emails being sent, it’s imperative that organizations also protect themselves at the most pivotal point in an email-based attack – the point where users interact with the malicious email content. By enrolling users in Security Awareness Training, they can be taught to identify suspicious content and to not engage with links or attachment, thereby nullifying an attack with simple inaction.