Leading cybersecurity firm Egress, a KnowBe4 company, has released its latest Phishing Threat Trends Report for October 2024, revealing a worrying increase in phishing activities. The report, which analyses recent statistics and threat intelligence insights, highlights how cybercriminals are adapting their tactics and commercialising their operations through sophisticated phishing toolkits.
Key findings from the report indicate a 28% increase in phishing emails sent between April and June 2024 compared to the first quarter of the year. Notably, June recorded the highest volume of phishing attacks. Alarmingly, 44% of these emails originated from compromised accounts, allowing perpetrators to bypass typical security measures. In addition, 72.3% of commodity attacks leveraged hyperlinks, while 14.0% used QR codes as their payload.
The report also highlights the growing reliance on phishing toolkits that are increasingly available on the dark web. Many of these toolkits operate on subscription models, offering features such as templated attacks and customer support to help less-skilled threat actors execute their campaigns effectively. Egress found that 82% of the examined phishing toolkits incorporated deepfake technology, while 74.8% referenced artificial intelligence. Such developments suggest that even novice cybercriminals can access advanced techniques, thereby increasing the threat landscape.
In a significant trend, 89% of phishing emails involved impersonation tactics. Adobe was identified as the most commonly impersonated brand, followed by Microsoft, with 14.9% of impersonation emails classified as “payloadless,” relying solely on social engineering techniques to deceive victims. Interestingly, the report notes that 26% of phishing emails impersonated brands with which the recipient had no prior relationship.
Commodity attacks, which impersonate well-known brands en masse, have also surged, peaking at 13.6% of all phishing emails detected by Egress in December 2023. Such campaigns lead to a staggering 2,700% increase in phishing incidents during these operations. Cybersecurity experts warn that these attacks, characterised by their reliance on images and hyperlinks, generate a high volume of noise that can obscure more sophisticated phishing attempts.
The report further examines advanced persistent threats (APTs), where cybercriminals—often backed by state-sponsored resources—launch highly targeted and methodical attacks against specific organisations. The analysis found that 52.5% of APTs were classified as zero-day attacks, while only 35.4% contained previously identified payloads.
Jack Chapman, Senior Vice President of Threat Intelligence at Egress, commented on the report’s findings: “The commoditisation of AI in phishing toolkits is alarming, putting advanced threats into the hands of less sophisticated cybercriminals. Organisations must adopt advanced AI defences to counter these evolving threats without introducing new vulnerabilities.” Chapman noted the persistent nature of impersonation tactics, stating that they have become a cornerstone of modern phishing attacks.
As cybercriminals continue to adapt their methods, the report serves as a crucial resource for cybersecurity teams aiming to stay ahead of emerging threats. By providing actionable insights and strategies, it emphasises the importance of being proactive in the face of evolving risks.
