Summary: The content discusses the significant increase in malicious phishing links, business email compromise (BEC), QR code, and attachment-based threats in the past six months, as reported by security experts. It also highlights the surge in malicious email and messaging threats and the potential use of generative AI tools for creating convincing phishing emails.
Threat Actor: Malicious actors
Victim: Organizations and individuals vulnerable to phishing attacks
Key Point :
- Security experts have observed a 341% increase in malicious phishing links, BEC, QR code, and attachment-based threats in the last six months.
- The report also reveals an 856% rise in malicious email and messaging threats over the previous year.
- Generative AI tools like ChatGPT can be utilized by threat actors to create convincing phishing emails and malicious code for ransomware attacks.
- The least-defended organizations are particularly vulnerable to these attacks, and the volume of attacks is expected to continue increasing.
Security experts have reported a 341% increase in malicious phishing links, business email compromise (BEC), QR code and attachment-based threats in the past six months.
This data comes from SlashNext’s mid-year The State of Phishing 2024 report, which also identified an 856% increase in malicious email and messaging threats over the previous 12 months. Since the launch of ChatGPT in November 2022, there has been a 4151% surge in malicious phishing messages.
“A bad actor can utilize ChatGPT in a number of ways, including to create convincing phishing emails,” warned Darren Guccione, CEO and co-founder at Keeper Security.
“Not only can the tools help bad actors create content such as a believable phishing email or malicious code for a ransomware attack, but they can do so quickly and easily. The least-defended organizations will be particularly vulnerable, as the volume of attacks will likely continue to increase.”
The report also identified a 217% increase in credential harvesting phishing attacks and a 29% rise in BEC attacks over the past six months.
CAPTCHA-based attacks are also increasing, with attackers using CloudFlare’s CAPTCHAs to conceal credential harvesting forms.
Additionally, cybercriminals are exploiting trusted services like Microsoft SharePoint, AWS and Salesforce to hide phishing and malware. QR code-based attacks now account for 11% of all malicious emails, often integrated into legitimate infrastructures.
“For protection, [consumers] should download tools to their laptops, desktops and mobile devices to help identify malicious emails,” said Krishna Vishnubhotla, vice president of product strategy at Zimperium. “This is a good starting point. Once that’s done, the real work begins, which includes developing better cyber hygiene.”
Source: https://www.infosecurity-magazine.com/news/341-rise-advanced-phishing-attacks
“An interesting youtube video that may be related to the article above”