A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and exfiltration. The three most common causes of data loss were reckless behavior, human error and malicious exfiltration.
Account takeover (ATO) is a form of identity theft that happens when cybercriminals get their hands on a victim's login details. Once a fraudster has unlawful access to users' email accounts, they can impersonate their victims and trick employees into sending sensitive business data or large sums of money. In our recently published Email Security Risk Report, 58% of the 500 companies surveyed had experienced account takeover.
This year’s Email Security Risk Report touches on a range of topics from inbound email security and data loss prevention, including the fallout of successful phishing attacks, how Cybersecurity leaders feel about their secure email gateways (SEGs), and the limitations of traditional SAT programs.
A phishing campaign is targeting Chinese users in an attempt to distribute malicious apps, according to researchers at Palo Alto Networks’s Unit 42. "The threat actor masquerades as a law enforcement official and says the target's phone number or bank account is suspected of being involved in financial fraud,” the researchers write. “They then guide the person to download an app that will allow the attacker to investigate their bank transactions.