SlashNext analyzed billions of link-based URLs, attachments, and natural language messages in email, mobile and browser channels over six months in 2022 and found more than 255 million attacks – a 61% increase in the rate of phishing attacks compared to 2021. The latest State of Phishing Report findings highlights that some security strategies are struggling to stop threats, as bad actors increasingly launch attacks from trusted services and business and personal messaging apps.
Key findings of the report include:
- Hackers are moving to mobile and personal communication channels to reach employees. SlashNext recorded a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.
- 80% increase in threats from trusted services such as Microsoft, Amazon Web Services, or Google, with nearly one-third (32%) of all threats now being hosted on trusted services.
- 54% of all threats detected were zero-hour threats, showing how hackers are shifting tactics in real-time to improve success
- 76% of threats were targeted spear-phishing credential harvesting attacks
- The top 3 attack sectors are healthcare, Professional and Scientific Services, and Information Technology
How people work today has increased users’ exposure to cyberattacks and threats organizations already face. Hackers have shifted their attention to some of the least protected places to launch attacks, including texting, Slack, WhatsApp, and more. This trend, combined with the fact that employees increasingly use the same devices for work and personal purposes, has accelerated phishing across multiple channels.
Current security tools and processes like security awareness training, reputation-based and relationship graph technologies cannot keep pace with many of these new attack trends. Organizations must move from traditional security practices and last-generation tools to a modern security strategy, including robust AI phishing controls that address all variations of phishing attacks and provides a broad range of protections.
SlashNext protects the modern workforce from malicious messages across all digital channels with an integrated cloud messaging security platform that utilizes patented AI technology with 99.9% accuracy. SlashNext detects threats in real-time to stop zero-hour threats in email, mobile, and web Messaging Apps across M365, Gmail, LinkedIn, WhatsApp, Telegram, Slack, Teams, and other messaging channels. Take advantage of SlashNext’s Integrated Cloud Messaging Security for email, browser, and mobile to protect your organization from data theft and financial fraud breaches today.
To join the discussion, attend The State of Phishing Webinar on November 17th at 11:00 AM PT Register here: https://www.slashnext.com/the-state-of-phishing-webinar