chat
expand_more

Phishing Click Rates Decline while Socially-Engineered Attacks Grow

Cyber threats are constantly evolving. Cybersecurity teams are most effective when they deploy defenses that protect against the threats that pose the greatest risk at any given time. Socially-engineered attacks—one of the most financially damaging threats...
June 11, 2020

Cyber threats are constantly evolving. Cybersecurity teams are most effective when they deploy defenses that protect against the threats that pose the greatest risk at any given time. Socially-engineered attacks—one of the most financially damaging threats according to the FBI—are on the rise and this year’s Verizon 2020 Data Breach Investigations Report (DBIR) uncovered some interesting findings on the trend.

Thoughts on the 2020 DBIR

According to the report, phishing remains a fruitful method for threat actors. But in good news, Verizon found that click rates are as low as they’ve ever been at 3.4%, while reporting rates are rising, albeit slowly. It seems that security awareness training is succeeding with education about basic phishing attacks. The question is... is that enough?

While increased awareness seems to be a positive step, it may not actually be doing much to help today’s organizations, as business email compromise (BEC) attacks are unfortunately on the rise—and the high level of sophistication and social engineering makes them nearly impossible for an employee to spot. These modern BEC attacks lack the common threat signals to trigger detection from yesterday’s secure email gateways. These attacks do not have attachments carrying malware. Nor do they contain URLs leading to malicious websites.

These email attacks are highly-personalized for each individual target in an effort to convince them they are interacting with a trusted sender. So while security awareness training is proving to be effective in reducing click rates, the continually increasing rates of financial loss due to BEC tells a different story. We’re simply not doing a good job at stopping these payload-less and socially engineered attacks.

On a related note, the DBIR report also found that malware is on a consistent and steady decline over the course of the last five years. Verizon theorizes that with hacking and social breaches leading to credential theft, malware is no longer needed to maintain persistence. Malware “is a tool that sits idle in the attacker’s toolbox in simpler attack scenarios.” That said, malware often still plays a role in more complex incidents such as ransomware attacks.

BEC Continues to Grow

The data tells us that, more and more, threat actors are finding success with socially-engineered attacks. Malware detection tools are likely working—but they’re less needed, as recent attacks trend more toward social engineering.

So what does this mean? The tools we have in place to stop email attacks that carry malicious attachments or URLs to malicious websites are doing a good job. Microsoft EOP and Defender for Office 365, as well as the native security controls from Google Workspace, are effective.

Where there is a security gap is with our ability to address BEC—the payload-less, socially engineered attacks. We need a new, abnormal approach to complement the security capabilities of the cloud email platforms.

Learn more about how the Abnormal platform deployed with native API integration and stops business email compromise by requesting a demo today.

Phishing Click Rates Decline while Socially-Engineered Attacks Grow

See Abnormal in Action

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Discover How It All Works

See How Abnormal AI Protects Humans

Related Posts

B Email Metrics
Understand essential email security metrics that reveal the strength of your protection and highlight areas for improvement in your security program.
Read More
B 1500x1500 MKT579z 3 Images for Proofpoint Customer Story Blog 15
A global industrial manufacturer blocked 3,232 missed attacks and saved 336 SOC hours per month by adding Abnormal to address gaps left by Proofpoint.
Read More
B RFI
Abnormal urges adoption of AI-native cybersecurity in response to OSTP’s RFI, highlighting the need for public-private collaboration to counter AI-powered threats.
Read More
B MKT793r Open Graphs Convergence Announcement Blog
Join this virtual event series to get the insights you need to make security decisions in the age of AI.
Read More
B Atlantis AIO Blog
Discover how cybercriminals use Atlantis AIO to automate credential stuffing attacks—and how AI-driven security can stop them before accounts are compromised.
Read More
B Black Basta
Black Basta is a highly active ransomware-as-a-service (RaaS) group that has been linked to dozens of high-profile attacks against organizations worldwide. See how they utilize generative AI to support their campaigns.
Read More