Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months. “Attackers have developed tools to craft high quality large scale attacks that target the browser,” the researchers write. “Cybercrime tools, such as phish kits (PhaaS) and ransomware-as-a-service kits (RaaS), have simplified the process of launching sophisticated attacks.

Trustwave SpiderLabs is tracking a spike in usage of the Greatness phishing kit to attack Microsoft 365 users to distribute malicious HTML attachments that steal login credentials. Greatness is a phishing-as-a-service platform developed by a threat actor known as "fisherstell," and has been available since mid-2022 that provides a ready-made infrastructure and tools for anyone to launch phishing campaigns charging $120 per month in Bitcoin.

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO governments,” according to researchers at Google’s Threat Analysis Group (TAG). “COLDRIVER continues its focus on credential phishing against Ukraine, NATO countries, academic institutions and NGOs,” TAG says.

BleepingComputer describes a phishing scam that’s been running rampant on Facebook for the past several months, in which threat actors use hacked accounts to post links to phony articles implying that someone has been killed in an accident. The Facebook posts have captions like “I can't believe he is gone,” accompanied by thumbnails of news articles involving car accidents or crime scenes.

Account takeover (ATO) is a form of identity theft that enables cybercriminals to send emails from a legitimate account within an organization. Hackers who gain control of an executive's account can request sensitive data and payments from employees in the knowledge that they're more likely to succeed than if they had simply created a spoofed email account. Our recently published Email Security Risk Report revealed that 58% of the 500 companies we surveyed had experienced instances of account takeover.

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also identified as Nobelium or APT29. Microsoft's disclosure aligns with new U.S. requirements for reporting cybersecurity incidents. The attack was detected on January 12th, 2024, but it appears to have started in November 2023.

Over the last couple of difficult years, businesses worldwide have been forced to accelerate their adoption of new technologies and IT security – and cybercriminals have been just as fast to catch up. Fresh from our latest report, here are some headline stats about phishing that you need to know for 2024.

A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and exfiltration. The three most common causes of data loss were reckless behavior, human error and malicious exfiltration.

Account takeover (ATO) is a form of identity theft that happens when cybercriminals get their hands on a victim's login details. Once a fraudster has unlawful access to users' email accounts, they can impersonate their victims and trick employees into sending sensitive business data or large sums of money. In our recently published Email Security Risk Report, 58% of the 500 companies surveyed had experienced account takeover.

Egress Software is a cybersecurity firm specializing in digital communications. They analyze security risks within emails, messaging, documents, file-sharing gateways, and more. In their line of work, humans are the most significant cybersecurity risk to any organization.