A brand new report from Hornetsecurity has discovered that 427.8 million emails obtained by companies in 2024 contained malicious content material.
“As soon as once more, phishing stays probably the most prevalent type of assault, chargeable for a 3rd of all cyber-attacks in 2024,” Hornetsecurity’s researchers write.
“This was confirmed by the evaluation of 55.6 billion emails, displaying that Phishing stays a high concern persistently 12 months over 12 months. Malicious URLs and superior charge scams have been chargeable for 22.7% and 6.4% respectively.”
The researchers noticed fewer malicious attachments in 2024, as attackers shifted their focus to stealing credentials by way of social engineering.
“The information exhibits a lower in the usage of malicious attachments, this is because of an increase in reverse-proxy credential theft assaults over the previous 12 months, which use social engineering and malicious hyperlinks (not attachments) to trick customers,” Hornetsecurity says.
“These assaults redirect customers to faux login pages that seize credentials in real-time, even bypassing two-factor authentication. Malicious URLs are the second most typical sort of assault, making up 22.7% of all assaults. Their use surged in 2023 and continues to develop as attackers use them in credential-stealing makes an attempt. Instruments resembling Evilginx enable attackers to arrange faux login pages to trick customers into getting into their credentials, that are then captured.”
The researchers additionally discovered that transport corporations have been probably the most generally impersonated manufacturers all through 2024, with DHL and FedEx topping the listing.
“Delivery manufacturers proceed to be standard as a result of the truth that they are often simply included in social engineering type assaults by way of phishing and smishing,” the report says. “Each assault types boast a excessive diploma of similarity to actual communications from these organizations and simply trick much less educated customers into giving freely private particulars and/or cost info.”
New-school safety consciousness coaching can provide your group a vital layer of protection by instructing your workers to acknowledge social engineering assaults. KnowBe4 empowers your workforce to make smarter safety choices day by day. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and cut back human danger.
Hornetsecurity has the story.