Tackling the Increasing Threat of Phishing

Phishing is the most common email attack that organizations face, accounting for nearly 77% of attacks seen by Abnormal in 2021—more than business email compromise, ransomware, and account takeover.

Phishing emails can lure victims into trusting the sender with their login credentials, other sensitive information, and even company funds. Successful phishing campaigns can also lead to business email compromise (BEC), and Deloitte reports that phishing is the number one delivery vehicle for ransomware.

Because phishing emails target human behavior, create a sense of urgency, and appear to come from trusted senders, they can be incredibly difficult to detect. Whether they impersonate a known brand, an internal system, or another trusted source, stopping them before they reach employee inboxes is the key to staying safe.

The FBI Internet Crime Complaint Center (IC3) actively tracks successful phishing incidents and their financial impact. Perhaps due to its versatility as the first step in a variety of crimes, phishing far outpaces other types of attacks.

In 2021, successful phishing attacks increased by 34.2%, rising from 241,342 in 2020 to 323,972—nearly four times as many as the second most common cybercrime. In fact, phishing has been the most common type of cybercrime since 2019 and led to victim losses of more than $44 million in 2021 alone.

Unfortunately, there doesn’t seem to be a ceiling on phishing growth, as criminals find new ways to leverage email to trick victims. Phishing attacks will likely continue to grow in number because legacy solutions are increasingly ineffective against advanced socially-engineered threats. In addition, this kind of attack has a high potential to slip by humans—particularly in the middle of a busy workday. The best defense is to stop these carefully crafted attacks before they reach your employees.

Secure email gateways can stop simple phishing attacks that contain obviously malicious links or attachments, but more sophisticated phishing messages often sail through. And when an employee engages with a phishing email, it puts the organization at risk for credential theft.

A quick scan of the email above may not raise any immediate red flags, especially since the message appears to be coming from the employer's domain. However, if an employee clicks on the link and logs in, the site will collect their credentials, which the attackers can use to compromise the account and gain access to the employer’s VPN.

The information acquired during a credential phishing attack can be used to launch more advanced attacks from compromised email accounts. This can lead to financial losses, data breaches, and ransomware attacks—all of which can have costly long-term consequences for the business.

The ability of phishing emails to open the door to more damaging cybercrimes is one of the biggest reasons these attacks are such a threat. Even if the cybercriminal isn’t that sophisticated, having those credentials means they can do as they please within the account. This includes accessing additional (potentially more valuable) services if those same credentials are used across multiple sites.

Stopping phishing emails requires a solution that can detect and interpret thousands of signals to block the emails that appear suspicious, even when they don’t contain traditional indicators of compromise.

Abnormal uses a fundamentally different approach to email security that leverages behavioral data science to profile and baseline good behavior as well as to detect anomalies. By combining identity modeling, relationship graphing, and content analysis, we can prevent phishing emails and other attacks from ever reaching an employee’s inbox. Looking beyond email data enables us to more accurately detect advanced email attacks and protect your organization from the most dangerous threats.

To learn more about the increasing threat of phishing, download the CISO Guide to Phishing.