Phishing attacks have seen a lot more successful in 2023 compared to previous years, a new report published by SASE experts Netskope claims.
According to the paper, threat actors were three times more successful in their phishing, compared to the attacks at the end of 2022. The success rate is still relatively low, the researchers added, due to improvements made in anti-phishing filters, as well as user awareness.
The latest uptick is thanks to hackers using more personal email accounts in their attacks.
Chinese, Russian, and Ukrainian attackers
So far this year, the number of people downloading a phishing attachment from a personal webmail app, compared to managed organization webmail apps, is 16 times higher. More than half (55%) of malware people wanted to download was deployed via cloud apps which are the most popular method of delivery. Microsoft OneDrive, which Netskope describes as “the most popular cloud app in the enterprise”, hosted more than a quarter of all cloud malware downloads.
For Ray Canzanese, Threat Research Director, Netskope Threat Labs, proper defense starts with a long, hard look at the mirror: “If organizations can look at who our top adversaries are and the incentives that motivate them, then you can look at your defenses and ask, 'What protections do I have in place against those tactics and techniques? How will this help me hone in on what my defensive strategy should be?'”
“If you can defend effectively against the techniques outlined in the report, you're defending effectively against a really wide swath of adversaries. No matter who you're up against, you'll have defenses in place.”
The most successful criminal organizations are located in Russia and Ukraine, while the most dangerous geopolitical groups (who usually hunt for sensitive data against targets in financial services and healthcare) come from China, Netskope claims. TrickBot developers Wizard Spider were observed as the top group attempting to target Netskope Security Cloud platform users.
Geopolitical groups usually go for targets in Africa, Asia, Latin America, and the Middle East, while financially motivated ones usually target Australia and North America.
More from TechRadar Pro
- Russian hackers use a blast from the Windows past to launch cyberattacks
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.