Image: Richa Sharma (unsplash)
Perception Point noticed an extraordinary growth of 356% in advanced phishing attacks launched by cybercriminals in 2022.
The company’s 2023 Annual Report: Cybersecurity Trends & Insights brought to light an 87% surge in total attacks for that year.
One contributing factor to this surge appears to be the broad access malicious actors now have to new cutting-edge tools, notably those empowered by artificial intelligence (AI) and machine learning (ML).
These technologies have streamlined the generation of complex attacks, incorporating elements of social engineering and evasion methodologies.
Perception Point’s CEO, Yoram Salinger, shared crucial data illustrating the steep rise in attack numbers and the escalating sophistication of attack methodologies, all geared towards breaching and inflicting harm on organizations.
Moreover, the report underscored the evolving threat landscape, a result of the rapid adoption of new cloud collaboration applications, cloud storage, and external collaboration productivity services.
Cybercriminals have shown a high degree of adaptability to this transformation, with 2022 recording a 161% increase in assaults targeting cloud storage and collaboration apps. However, email and browsers remained as the top attack vectors.
In terms of prevalence, phishing posed the most significant threat, being responsible for 67.4% of all attacks. The year also marked a notable upsurge in business email compromise (BEC) attacks, with an 83% increase. Microsoft became the most counterfeited brand in malicious emails, being mimicked 3.3 times more than the following most replicated brand, LinkedIn.
Phone scam attacks too recorded a notable expansion, growing by 363%.
Delving into specific channels, advanced attacks’ proportion witnessed a notable rise. For instance, advanced threats constitute 31.9% of attacks on file storage tools and 56.9% on Amazon S3 buckets.
Despite constituting just 2% of all threats, advanced attacks are complex and can inflict significant harm on organizations, as noted by Perception Point.
Salinger further underscored the necessity for organizations to maintain vigilance in shielding their personnel from modern threats across multiple business and collaboration channels, advocating for the augmentation or replacement of traditional security systems with effective preventive measures and swift remediation services when necessary.