Hackers are getting better at smuggling phishing emails past cybersecurity defenses

Lock on Laptop Screen
(Image credit: Shutterstock.com) (Image credit: Future)

Hackers are getting better at smuggling phishing emails past cybersecurity defenses, thanks in to part to better obfuscation techniques and proper timing, new research has claimed.

The latest Phishing Threat Trends Report from Egress says the number of phishing emails employing obfuscation techniques is on the rise - and in 2023, jumped by almost a quarter (24.4%) and now sits at 55.2% in total. 

Furthermore, almost half (47%) of such phishing emails use at least two obfuscation layers, with less than a third (31%) using only one. Among the different obfuscation techniques, HTML is the most popular one, being found in 34% of samples. 

Hiding among greymail

By hiding the fact that these are phishing messages, email security providers can sometimes allow them to reach their final destination - the victim’s inbox - and thus put their endpoints at risk of a more damaging cyberattack.

But reaching the inbox is only half of the work - the victims must still interact with the contents of the phishing email. To make sure that happens, the attackers choose the perfect moment to strike - Wednesday and Friday. 

Why those days? Because that’s when most people receive most greymail - notifications, updates, and promotional messages. Benign, but numerous, and clogging the inbox. Busier inboxes, the researchers conclude, are more likely to be targeted by phishing. 

Phishing emails haven’t changed much over the years. They usually impersonate a popular brand, or an individual whom the victim knows. The message itself always carries a sense of urgency, claiming something catastrophic will happen unless the victim acts immediately. While the topics may vary from returned shipping parcels to terminated bank accounts, the most popular topic, Egress says, is missed voice messages.

This type of phishing attack accounted for 18.4% of all messages sent between January and September this year.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.