Within the dynamic world of cybersecurity, 2023 marked a big shift, underscored by a 1760% increase in Business Email Compromise (BEC) attacks. This startling revelation, detailed in Perception Point’s ‘2024 Annual Report: Cybersecurity Trends & Insights‘, points to the growing sophistication of cyber threats. The Tel Aviv-based leader in advanced email and workspace security solutions highlights how Generative AI (GenAI) technologies have grow to be a tool for threat actors, enabling them to craft intricate social engineering attacks which are increasingly difficult to detect.
The past yr’s cyber landscape was shaped by the remarkable advances in GenAI, which malicious actors used to reinforce the size and complexity of their attacks. In 2022, BEC attacks constituted a mere 1% of all cyberattacks, but by 2023, they accounted for a staggering 18.6%.
Phishing continued to be the dominant cyber threat, accounting for over 70% of all attacks, with little change from the previous yr. Nevertheless, quishing—a brand new type of threat exploiting QR codes—emerged, accounting for two.7% of all phishing attempts. The trust placed in QR codes has been manipulated by attackers, turning a straightforward scan into a big security risk. In 2023, 1 out of each 18 QR codes sent via email was malicious.
Moreover, the prevalence of two-step phishing attacks saw a 175% increase. These multi-stage attacks, harder to detect resulting from their use of legitimate services and hosting sites, exploit the reputations of well-known domains, evading detection more easily.
The report also highlights a 350% rise in account takeover (ATO) threats, where legitimate accounts are compromised after which utilized in highly targeted attacks. Brand impersonation attacks also saw a big increase, with 55% of all such attacks in 2023 mimicking the targeted worker’s organization.
Email remained the first attack vector, with 1 in 5 emails being malicious or spam. Threat actors expanded their horizons to focus on organizations through other means as well, with phishing attacks via web browsers increasing significantly and malware distribution in M365 Apps like OneDrive, SharePoint, and Teams accounting for 65% of attacks. Over 50% of attacks targeted CRMs like Zendesk and Salesforce.
Yoram Salinger, CEO of Perception Point, emphasizes the impact of GenAI’s proliferation on organizational security postures. He highlights the evolving nature of the trendy workspace, increasingly reliant on cloud-based email, collaboration, and productivity tools accessible from any browser. Perception Point’s commitment to protecting this contemporary workspace is obvious of their consolidated threat prevention solution, which mixes multi-layered AI-powered detection with managed incident response services.
Perception Point, a Prevention-as-a-Service company, stands on the forefront of next-generation prevention, detection, and response to attacks across email, cloud collaboration apps, and web browsers. Their cloud-native service, easy to deploy and manage, is designed to interchange cumbersome legacy systems. It prevents phishing, BEC, spam, malware, Zero-days, ATO, and other advanced attacks, protecting Fortune 500 enterprises and organizations globally.
This comprehensive report by Perception Point offers invaluable insights into the evolving cyber threat landscape, underscoring the necessity for revolutionary security solutions in an era where GenAI and advanced social engineering tactics have gotten the norm. You’ll be able to view the complete report here.