11.5 C
Tuesday, February 20, 2024

105% Enhance in Malicious Emails Bypassing SEGs

LEESBURG, Va. – February 20, 2024 – Cofense® , the pioneer and main supplier of electronic mail safety consciousness coaching (SAT) and superior phishing detection and response (PDR) options, at present introduced the discharge of its 2024 Annual State of Electronic mail Safety Report. The information included on this report are curated from the Cofense Phishing Detection Middle which has a 99.998% constructive accuracy charge and divulges alarming tendencies and important insights into the present panorama of electronic mail safety. 

The Cofense Phishing Detection and Response Platform, powered by over 35 million Cofense-trained staff, detected a record-setting variety of malicious emails and phishing campaigns in 2023.  In simply two years, Cofense PDR recognized over 1.5 million malicious emails bypassing their clients’ Safe Electronic mail Gateways (SEGs), signaling a 37% enhance in threats in comparison with 2022, and a staggering 310% enhance over 2021. To place this in context, the report highlights that Cofense detected at the least one malicious electronic mail bypassing their clients’ SEGs each 57 seconds. 

“As we unveil the statistics from the 2024 Annual State of Electronic mail Safety Report, it’s evident that the email-based assault vector is evolving at an unprecedented tempo going into 2024,” stated David Van Allen, CEO of Cofense. 

The Cofense Annual Report factors out that safe electronic mail gateways battle to maintain tempo with subtle phishing campaigns and counting on ‘ok’ electronic mail safety is now not an choice for many enterprises.  

“The information we current on this report speaks instantly concerning the escalating sophistication of cyber threats, which demand a unique method to efficient electronic mail safety. Cofense  stays dedicated to offering enterprise options to maintain up with evolving threats,” stated Van Allen.

The Electronic mail Safety Panorama 

The report highlights that electronic mail stays the first assault vector for cybercrime, with 90% of information breaches originating from phishing assaults aimed toward staff. Safe electronic mail gateways are struggling to maintain tempo with the quickly evolving nature of phishing campaigns, evidenced by a regarding 104.5% enhance within the variety of malicious emails bypassing SEGs in 2024. Credential phishing, the popular technique of risk actors, additionally noticed a staggering 67% enhance in quantity in comparison with the earlier yr. Different prime tendencies in 2023 included:   

  • Phishing campaigns advanced – In 2023 Cofense noticed a rise in techniques like vishing, smishing, model impersonation, and QR code phishing that bypass SEGs. Cofense reported a 331% enhance in QR code energetic risk stories (ATRs) final yr. 
  • Healthcare and finance remained the highest focused industries – Will increase in malicious emails bypassing SEGs in these industries at 84.5% and 118%, respectively. 
  • New malware households, together with DarkGate and PikaBot, emerged to fill the hole left by the FBI’s dismantling of the Qakbot infrastructure. 

Rising Threats to Watch: 

  • Model Impersonation and Vishing: Model impersonation and vishing campaigns are on the rise, with risk actors exploiting these techniques to deceive staff. These assaults are environment friendly at bypassing SEGs, as they usually lack attachments or apparent hyperlinks. 
  • Resurgence of Emotet/Geodo: Regardless of regulation enforcement actions in 2021, Emotet/Geodo resurfaced in 2023, highlighting the persistence and adaptableness of this harmful malware. 
  • Agent Tesla Keylogger: A persistent risk all through 2021 and 2022, Snake Keylogger remained a big threat in 2023. As we go into 2024, its capacity to evade detection by antivirus software program makes it a regarding risk to organizations. 
  • FormBook’s Menace: A constant risk, FormBook is an information-stealer malware centered on accessing delicate info from contaminated programs. Companies are urged to proactively safeguard towards this pervasive risk. 
  • Google AMP Phishing Tactic: A brand new phishing tactic leveraging Google Accelerated Cellular Pages (AMP) has been recognized, proving extremely profitable. Cofense stories a 1,092% enhance in Google AMP emails bypassing safe electronic mail gateways within the final six months of 2023. 
  • Enterprise Electronic mail Compromise (BEC): BEC stays one of the crucial devastating cybercrimes, with scammers exploiting conversational-based phishing assaults. Conventional defenses usually fail to catch these assaults, leading to billions of {dollars} being stolen yearly.

To obtain the total 2024 Annual State of Electronic mail Safety Report, click on right here

About Cofense 

Cofense® is the unique and main supplier of safety consciousness coaching and phishing simulation, providing one-of-a-kind world enterprise-level superior electronic mail risk detection and remediation options. Cofense PhishMe® and Cofense Phishing Detection and Response Platform (PDR) provide the world’s solely answer leveraging over 35 million Cofense-trained staff who actively report suspected phishing and different harmful electronic mail threats in real-time. Unique solely to Cofense, this reporting system ingests and catalogs 1000’s of potential threats per day which are missed by present electronic mail gateway applied sciences after which eradicates these threats from buyer inboxes. In brief, Cofense sees and stops threats different electronic mail safety programs miss. Please go to www.cofense.com or join with us on X and LinkedIn for extra info. 

Latest news
Related news


Please enter your comment!
Please enter your name here