Report: Advanced Phishing Attacks Grew By 356 Percent in 2022

A report recently published by Perception Point, a provider of advanced threat prevention across digital channels, has identified a 356% growth in the amount of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of attacks increased by 87%, highlighting the growing threat that cyber-attacks now pose to organizations.

Perception Point’s ‘2023 Annual Report: Cybersecurity Trends & Insights‘ examines cyber threats based on intelligence gathered from the company’s Advanced Threat Prevention solutions, which intercept attacks across email, web browsers, and cloud collaboration apps.

Throughout 2022, Perception Point’s Incident Response team analyzed several unique and concerning trends which are detailed in the report. Firstly, malicious actors continue to gain widespread access to new tools and advances in Artificial Intelligence (AI) and Machine Learning (ML) which simplify and automate the process of generating attacks.

Consequently, they are increasingly able to effortlessly launch sophisticated attacks – many of which are characterized by social engineering as well as evasion techniques, such as URL redirection, which make it difficult for the victim to identify them as malicious.

The report also identified how the threat landscape is changing due to the rapid adoption of new cloud collaboration apps, cloud storage, and services for productivity and external collaboration. Threat actors have pivoted their attack toolkits, reaching beyond email and web browsers to these apps and services. While email and the browser remain the leading attack vectors, 2022 saw a 161% surge in attacks on all other channels, such as cloud storage and collaboration apps.

Phishing proved to be the most pervasive threat, accounting for 67.4% of all attacks. 2022 also saw a significant increase in Business Email Compromise (BEC) attacks, which grew by 83%. BEC attacks, in which cybercriminals impersonate legitimate businesses and leverage social engineering techniques as well as thread hijacking to obtain large sums of money or confidential data, are often difficult for traditional email security solutions to detect.

In addition, these types of attacks, which are text-based, target individual employees, who are the weakest link in an organization’s security chain – even when they are highly trained.

“As the global threat landscape continues to evolve, we are sharing vital data that portrays the meteoric rise in the number of attacks, combined with increasingly sophisticated attack techniques that are designed to breach and damage organizations,” said Yoram Salinger, CEO of Perception Point. “This report clarifies the need for organizations to be vigilant in protecting their people from modern threats across the multiple business and collaboration channels, augmenting or replacing traditional security systems with effective prevention and rapid remediation services when required.”

Some additional findings include:

  • A 363% rise in phone scam attacks over 2022. In these attacks, attackers pose as legitimate companies and leverage social engineering techniques to invoke the user to call various support phone numbers. When the targets call, they are prompted by “helpful support teams” to provide personal information.
  • Microsoft was the brand most impersonated in malicious email, 3.3x more than the next most impersonated brand, LinkedIn.
  • Advanced attacks, which are complex, sophisticated, and can cause the greatest damage to the organization, made up 2% of all threats, but this proportion rose significantly when analyzing particular channels. Advanced attacks constituted 31.9% of the total on file storage tools, and some 56.9% on Amazon S3 buckets.

The full report can be viewed here.

Featured

  • The Impact of Convergence Between IT and Physical Security

    For years, the worlds of physical security and information technology (IT) remained separate. While they shared common goals and interests, they often worked in silos. Read Now

  • Unlocking Trustworthy AI: Building Transparency in Security Governance

    In situations where AI supports important security tasks like leading investigations and detecting threats and anomalies, transparency is essential. When an incident occurs, investigators must trace the logic behind each automated response to confirm its validity or spot errors. Demanding interpretable AI turns opaque “black boxes” into accountable partners that enhance, rather than compromise, organizational defense. Read Now

  • Seeking Innovative Solutions

    Denial, Anger, Bargaining, Depression and Acceptance. You may recognize these terms as the “5 Phases” of a grieving process, but they could easily describe the phases one goes through before adopting any new or emerging innovation or technology, especially in a highly risk-averse industry like security. However, the desire for convenience in all aspects of modern life is finally beginning to turn the tide from old school hardware as the go-to towards more user-friendly, yet still secure, door solutions. Read Now

  • Where AI Meets Human Judgment

    Artificial intelligence is everywhere these days. It is driving business growth, shaping consumer experiences, and showing up in places most of us never imagined just a few years ago. Read Now

  • Report: Only 44 Percent of Organizations are Fully Equipped to Support Secure AI

    Delinea recently published new research on the impact of artificial intelligence in reshaping identity security. According to the report, “AI in Identity Security Demands a New Playbook,” only 44% of organizations say their security architecture is fully equipped to support secure AI, despite widespread confidence in their current capabilities. Read Now

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.