LEESBURG, Va. – February 20, 2024 – Cofense® , the pioneer and primary supplier of e mail security awareness training (SAT) and innovative phishing detection and response (PDR) remedies, these days introduced the launch of its 2024 Annual State of E-mail Security Report. The details provided in this report are curated from the Cofense Phishing Detection Heart which has a 99.998% good precision price and reveals alarming tendencies and vital insights into the latest landscape of electronic mail security.
The Cofense Phishing Detection and Response System, driven by over 35 million Cofense-educated staff members, detected a document-setting quantity of malicious email messages and phishing strategies in 2023. In just two decades, Cofense PDR recognized above 1.5 million malicious e-mail bypassing their customers’ Safe Electronic mail Gateways (SEGs), signaling a 37% maximize in threats when compared to 2022, and a staggering 310% improve around 2021. To set this in context, the report highlights that Cofense detected at the very least just one malicious email bypassing their customers’ SEGs every single 57 seconds.
“As we unveil the stats from the 2024 Annual State of Email Stability Report, it’s obvious that the email-dependent assault vector is evolving at an unprecedented tempo likely into 2024,” mentioned David Van Allen, CEO of Cofense.
The Cofense Annual Report points out that safe e-mail gateways struggle to continue to keep rate with refined phishing strategies and relying on ‘superior sufficient’ e-mail safety is no more time an selection for most enterprises.
“The info we present in this report speaks specifically about the escalating sophistication of cyber threats, which demand a unique tactic to effective email protection. Cofense remains dedicated to furnishing organization methods to preserve up with evolving threats,” said Van Allen.
The E-mail Stability Landscape
The report highlights that e-mail remains the principal assault vector for cybercrime, with 90% of data breaches originating from phishing assaults aimed at personnel. Protected e mail gateways are battling to hold pace with the speedily evolving nature of phishing strategies, evidenced by a concerning 104.5% maximize in the amount of destructive email messages bypassing SEGs in 2024. Credential phishing, the favored method of threat actors, also noticed a staggering 67% improve in volume compared to the earlier yr. Other top rated traits in 2023 bundled:
- Phishing strategies evolved – In 2023 Cofense observed an raise in tactics like vishing, smishing, brand impersonation, and QR code phishing that bypass SEGs. Cofense described a 331% maximize in QR code energetic menace studies (ATRs) last 12 months.
- Health care and finance remained the top targeted industries – Will increase in destructive e-mails bypassing SEGs in individuals industries at 84.5% and 118%, respectively.
- New malware households, like DarkGate and PikaBot, emerged to fill the gap left by the FBI’s dismantling of the Qakbot infrastructure.
Rising Threats to View:
- Brand Impersonation and Vishing: Model impersonation and vishing campaigns are on the increase, with threat actors exploiting these methods to deceive staff members. These attacks are successful at bypassing SEGs, as they generally deficiency attachments or obvious hyperlinks.
- Resurgence of Emotet/Geodo: Inspite of legislation enforcement steps in 2021, Emotet/Geodo resurfaced in 2023, highlighting the persistence and adaptability of this harmful malware.
- Agent Tesla Keylogger: A persistent danger all over 2021 and 2022, Snake Keylogger remained a considerable danger in 2023. As we go into 2024, its means to evade detection by antivirus application tends to make it a relating to danger to companies.
- FormBook’s Menace: A regular danger, FormBook is an data-stealer malware focused on accessing delicate information and facts from infected techniques. Corporations are urged to proactively safeguard in opposition to this pervasive threat.
- Google AMP Phishing Tactic: A new phishing tactic leveraging Google Accelerated Mobile Webpages (AMP) has been recognized, proving highly profitable. Cofense stories a 1,092% increase in Google AMP e-mail bypassing safe e mail gateways in the final six months of 2023.
- Organization Email Compromise (BEC): BEC stays a person of the most devastating cybercrimes, with scammers exploiting conversational-dependent phishing attacks. Standard defenses usually are unsuccessful to catch these attacks, resulting in billions of bucks remaining stolen annually.
To obtain the comprehensive 2024 Yearly Point out of Electronic mail Stability Report, click below.
About Cofense
Cofense® is the original and primary provider of stability recognition teaching and phishing simulation, offering one-of-a-form world wide business-level superior email risk detection and remediation alternatives. Cofense PhishMe® and Cofense Phishing Detection and Response Platform (PDR) offer the world’s only alternative leveraging around 35 million Cofense-trained employees who actively report suspected phishing and other unsafe email threats in true-time. Exceptional only to Cofense, this reporting program ingests and catalogs hundreds of prospective threats for every working day that are missed by existing email gateway systems and then eradicates those people threats from customer inboxes. In limited, Cofense sees and stops threats other e mail safety programs miss out on. Be sure to check out www.cofense.com or link with us on X and LinkedIn for more data.
The post Cofense Annual Report Signifies 105% Boost in Malicious E-mails Bypassing Safe Email Gateways appeared first on Cofense.