Cloudflare, Inc. released its inaugural 2023 Phishing Threats Report.
The findings highlight that phishing remains the most dominant and
fastest-growing Internet crime, largely due to the ubiquity of email and
the persistent human error that today's threat actors prey upon.

While business email compromise (BEC) losses have topped $50 billion,
corporate organizations are not the only victims that attackers are after.
The real implications of phishing go beyond Fortune 500 and global
companies, extending to small and local organizations as well as the
public sector. For instance, in this year's report, Cloudflare observed
more email threats targeting political organizations. In the three months
leading up to the 2022 US midterm elections, Cloudflare's email security
service prevented around 150,000 phishing emails from making their way to
campaign officials.

Regardless of an organization's size, industry or sector, the report
revealed that threat actors who leverage phishing campaigns have two
major objectives. First and foremost, the goal is to achieve
authenticity and legitimacy in the eyes of the victim. Second, the goal
is to persuade victims to engage or click. These objectives are
underscored by the key findings of the report, including:
- Malicious links were the #1 threat category, comprising 35.6% of detected threats
- Identity deception threats are on the rise - increasing YoY from 10.3% to 14.2% (39.6 million) of total detections
- Attackers posed as more than 1,000 different organizations in over 1 billion brand impersonation attempts. The majority of the time (51.7%), they impersonated one of 20 well-known brands
- The most impersonated brand happens to be one of the most trusted software companies: Microsoft. Other top companies impersonated included Google, Salesforce, Notion.so, and more
- One-third (30%) of detected threats featured newly registered domains - the #2 threat category
- Email authentication doesn't stop threats. The vast majority (89%) of unwanted messages "passed" SPF, DKIM, or DMARC authentication checks

"Phishing is an epidemic that has permeated into the farthest corners of
the Internet, preying on trust and victimizing everyone from CEOs to
government officials to the everyday consumer," said Matthew Prince, CEO
at Cloudflare. "Email messages and malicious links are nefarious
partners in crime when it comes to the most common form of Internet
threats. Organizations of all sizes need a Zero Trust solution that
encompasses email security - when this is neglected, they are leaving
themselves exposed to the largest vector in today's threat landscape."