The New Normal: A 1265% Increase in Phishing Emails
The threat landscape has undergone a seismic shift over the past year, and a new report solidifies this worrying trend. According to the annual SlashNext State of Phishing Report for 20231, there has been a staggering 1,265% increase in malicious phishing emails since the fourth quarter of 2022. This surge is attributed, in part, to the advanced use of AI tools like ChatGPT by cybercriminals.
AI Tools and Dark Web Syndicates: A Threat Multiplier
The report, backed by extensive research from SlashNext Threat Labs, paints a bleak picture of the current cybersecurity climate. Analyzing billions of threats across various channels including email, mobile, and browsers, the study also delves into cybercriminal behavior on the Dark Web. Specifically, it focuses on how generative AI tools and chatbots are being leveraged to amplify phishing campaigns.
This comes as a cautionary tale for cybersecurity professionals, 77% of whom reported being targets of phishing attacks.
Notably, 28% received such messages via text, highlighting the multi-channel nature of modern phishing schemes.
Credential Phishing Skyrockets by 967%
The use of AI in phishing has not only increased the volume but also the sophistication of attacks. The report shows a 967% increase in credential phishing. This form of attack is particularly damaging as it allows criminals to gain unauthorized access to sensitive systems, further underscoring the evolving complexity of phishing techniques.
The Underbelly of Business Email Compromise
Text-based Business Email Compromise (BEC) accounts for 68% of all phishing emails, according to the report. Astonishingly, nearly half of the cybersecurity professionals surveyed (46%) reported receiving a BEC attack. These attacks are not just a minor inconvenience; they often lead to significant financial losses and can erode the integrity of organizational communications.
Smishing: The Silent Scourge
While email remains a common attack vector, the report indicates that 39% of all mobile-based attacks were SMS phishing, colloquially known as Smishing.
This is an alarming development, especially in a world increasingly reliant on mobile communications for both personal and professional interactions.
- https://slashnext.com/wp-content/uploads/2023/10/SlashNext-The-State-of-Phishing-Report-2023.pdf ↩︎