Phishing attacks are on the rise, becoming increasingly sophisticated as cybercriminals adopt advanced tactics, including AI tools and multi-channel phishing, according to a new report by Egress.
In the second quarter of 2024, phishing emails surged by 28% compared to the first quarter, with a striking 52.2% of these attacks successfully bypassing secure email gateways (SEG).
One notable trend is the rise of commodity phishing, where attackers impersonate well-known companies to lure users into clicking on fake offers or links. Organizations with over 2,000 employees reported an astonishing 2,700% increase in phishing attempts, averaging 36 phishing emails per day.
To evade detection, attackers employ methods like HTML smuggling, embedding malicious scripts in HTML attachments, and exploiting vulnerabilities in trusted websites to host malware.
AI is increasingly utilized to automate and personalize phishing campaigns, making them more convincing. Deepfakes and AI-generated chatbots have become common tools for cybercriminals, enhancing their ability to impersonate trusted individuals or organizations.
Additionally, multi-channel phishing tactics allow attackers to target victims across various platforms, including email, SMS, and collaboration tools like Microsoft Teams, reflecting a concerning trend in 2024.
Businesses are urged to implement advanced security measures and foster a culture of awareness to combat the growing threat of phishing.