HomeRisk ManagementsPhishing Click Rates Triple in 2024

Phishing Click Rates Triple in 2024

Published on

spot_img

Research conducted by Netskope in 2024 revealed a concerning trend in the behavior of enterprise users when it comes to phishing attacks. The study found that the rate of users clicking on phishing lures had nearly tripled compared to the previous year, with more than eight out of every 1000 users falling victim to these attacks each month. This significant increase, amounting to a 190% rise from 2023, has been attributed to a combination of cognitive fatigue among users and the evolving tactics employed by cyber attackers to deliver more sophisticated and harder-to-detect phishing lures.

One of the key findings of the research was that cloud applications were the primary target of phishing campaigns, accounting for 27% of all user clicks on phishing links. Attackers typically aim to compromise accounts associated with these applications and then sell access to them on illicit marketplaces. This access can be used for various malicious purposes, including business email compromise, data theft, or targeting more valuable victims. Microsoft emerged as the most targeted cloud app brand, making up 42% of phishing link clicks within this category.

In addition to cloud applications, banking (17%) and telco (13%) providers were also among the top targets of phishing campaigns. The report highlighted a noticeable shift in the locations from which users were clicking on phishing links, with a decreasing reliance on email as the primary source. Instead, a significant majority of malicious links were being accessed from various locations across the web, including search engines (19%), where attackers exploit tactics such as malicious ads and SEO poisoning to lure victims to phishing pages.

Moreover, the research shed light on the growing adoption of GenAI apps in the workplace, with 94% of companies utilizing these applications in 2024, up from 81% in the previous year. On average, organizations were found to use 9.6 GenAI apps, with ChatGPT being the most popular choice among users. The study also revealed a threefold increase in employee usage of GenAI apps, underscoring the need for organizations to implement stringent controls to mitigate security and privacy risks associated with these technologies.

To address the risks posed by GenAI apps, a significant number of organizations have adopted various security measures. This includes blocking select GenAI apps, employing real-time interactive user coaching to educate individuals on AI risk, and implementing data loss prevention solutions to regulate the flow of data into these applications. These proactive measures aim to safeguard sensitive information and mitigate potential threats posed by the increasing use of GenAI technologies in the workplace.

In conclusion, the research findings by Netskope underscore the evolving threat landscape faced by enterprise users, particularly in the realm of phishing attacks and the adoption of GenAI technologies. As cyber attackers continue to refine their tactics and target vulnerabilities in new ways, organizations must remain vigilant and proactive in implementing robust security measures to protect against potential cyber threats and safeguard sensitive data.

Source link

Latest articles

CISA and International Partners Release Guidance for Owners and Operators of OT Systems

In a recent development, CISA, along with U.S. and international partners, has unveiled a...

Users of Trump’s Truth Social are falling victim to widespread scams on the internet

The social media platform Truth Social, launched by the Trump Media & Technology Group...

Hacking group exposes information on 15k vulnerable FortiGate firewall devices

A recent development in the ongoing cybersecurity saga involving vulnerable Fortinet FortiGate firewall devices...

Biotech company resolves class action lawsuit stemming from ransomware attack with $7.5 million settlement

Enzo Biochem, a prominent biotech company, recently made headlines after agreeing to settle a...

More like this

CISA and International Partners Release Guidance for Owners and Operators of OT Systems

In a recent development, CISA, along with U.S. and international partners, has unveiled a...

Users of Trump’s Truth Social are falling victim to widespread scams on the internet

The social media platform Truth Social, launched by the Trump Media & Technology Group...

Hacking group exposes information on 15k vulnerable FortiGate firewall devices

A recent development in the ongoing cybersecurity saga involving vulnerable Fortinet FortiGate firewall devices...