Phishing remains the most dominant and fastest-growing Internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today’s threat actors, according to Cloudflare’s inaugural 2023 Phishing Threat Report.
The impact of phishing is not limited to large corporations; it affects small businesses, local entities, and the public sector too.
Cloudflare’s recent report reveals that even political organizations are increasingly targeted by phishing attacks. Cloudflare’s email security service blocked approximately 150,000 phishing emails from reaching campaign officials during the three months preceding the 2022 US midterm elections.
These attacks primarily aim to establish authenticity and credibility from the victim’s perspective. A secondary objective is to convince victims to take action, such as clicking on a link.
“Phishing is an epidemic that has permeated into the farthest corners of the Internet, preying on trust and victimizing everyone from CEOs to government officials to the everyday consumer,” said Matthew Prince, CEO at Cloudflare. “Email messages and malicious links are nefarious partners in crime when it comes to the most common form of Internet threats. Organizations of all sizes need a Zero Trust solution that encompasses email security – when this is neglected, they are leaving themselves exposed to the largest vector in today’s threat landscape.”
Malicious links were the number one threat category making up 35.6% of detected threats. Also, Identity deception threats are on the rise, increasing yearly from 10.3% to 14.2% (39.6 million) of total detections, according to Cloudflare. One-third (30%) of detected threats featured newly registered domains.
Lastly, the most impersonated brand happens to be one of the most trusted software companies: Microsoft, Google, Salesforce, Notion.so, and more.