Cloudflare, Inc., the renowned company championing Internet security, performance, and dependability, has unveiled its inaugural Phishing Threats Report for 2023. This comprehensive report underscores that phishing continues to reign as the preeminent and fastest expanding cybercrime, fueled in large part by the pervasiveness of email and the persistent issue of human fallibility, which malicious actors are quick to exploit.
The report delves into the realm of business email compromise (BEC), with losses surmounting an astounding $50 billion. However, it’s not solely conglomerates that bear the brunt of these attacks. The ramifications of phishing extend beyond Fortune 500 enterprises and global firms, encompassing small local entities and even governmental sectors. In a noteworthy instance, this year’s report highlights a surge in email threats targeting political organizations. In the lead-up to the 2022 US midterm elections, Cloudflare’s email security service thwarted around 150,000 phishing emails directed at campaign officials.
Irrespective of the size, industry, or sector of an organization, the study discloses that threat actors employing phishing schemes have two primary aims. Foremost among these is the establishment of authenticity and credibility in the eyes of their targets. Subsequently, they strive to cajole victims into interacting or clicking on malicious links. These objectives underscore the report’s core discoveries, which encompass:
– Malicious links, constituting 35.6% of identified threats, emerged as the predominant threat category.
– Incidents of identity deception have risen year-on-year, escalating from 10.3% to 14.2% (equating to 39.6 million instances) of total detections.
– Over a billion attempts at brand impersonation were made by attackers, posing as more than 1,000 distinct organizations. A substantial majority (51.7%) of these impersonations involved 20 well-recognized brands.
– Among the most frequently impersonated brands is the esteemed software company, Microsoft. Other prominent entities include Google, Salesforce, Notion.so, and others.
– A notable 30% of detected threats featured newly registered domains, ranking as the second most prevalent threat category.
– Despite email authentication efforts, an overwhelming 89% of unwanted messages managed to “pass” SPF, DKIM, or DMARC authentication checks.
Matthew Prince, CEO of Cloudflare, asserted, “Phishing has become an epidemic that has permeated every corner of the Internet, exploiting trust and victimizing individuals ranging from CEOs to public officials to the average consumer.” He emphasized the partnership between email messages and malicious links as the driving forces behind the most widespread form of online threats,
stressing the necessity for organizations of all sizes to embrace a Zero Trust solution that encompasses robust email security.
Methodology Behind the Report: The report amalgamates insights from data intelligence and security trends garnered from Cloudflare’s daily blocking of 112 billion threats across its global network. The analysis incorporated an evaluation of more than 279 million email threat indicators, 250 million malicious messages, and over a billion instances of brand impersonation (acknowledging that a single email could feature multiple impersonations). These assessments were derived from approximately 13 billion emails processed between May 2022 and May 2023. Furthermore, the report draws from a study commissioned by Cloudflare and conducted by Forrester Consulting, encompassing surveys of 316 security decision-makers spanning North America, EMEA, and APAC, conducted between January and February 2023, to provide an encompassing view of the state of phishing.
