chat
expand_more

Phishing Click Rates Decline while Socially-Engineered Attacks Grow

Cyber threats are constantly evolving. Cybersecurity teams are most effective when they deploy defenses that protect against the threats that pose the greatest risk at any given time. Socially-engineered attacks—one of the most financially damaging threats...
June 11, 2020

Cyber threats are constantly evolving. Cybersecurity teams are most effective when they deploy defenses that protect against the threats that pose the greatest risk at any given time. Socially-engineered attacks—one of the most financially damaging threats according to the FBI—are on the rise and this year’s Verizon 2020 Data Breach Investigations Report (DBIR) uncovered some interesting findings on the trend.

Thoughts on the 2020 DBIR

According to the report, phishing remains a fruitful method for threat actors. But in good news, Verizon found that click rates are as low as they’ve ever been at 3.4%, while reporting rates are rising, albeit slowly. It seems that security awareness training is succeeding with education about basic phishing attacks. The question is... is that enough?

While increased awareness seems to be a positive step, it may not actually be doing much to help today’s organizations, as business email compromise (BEC) attacks are unfortunately on the rise—and the high level of sophistication and social engineering makes them nearly impossible for an employee to spot. These modern BEC attacks lack the common threat signals to trigger detection from yesterday’s secure email gateways. These attacks do not have attachments carrying malware. Nor do they contain URLs leading to malicious websites.

These email attacks are highly-personalized for each individual target in an effort to convince them they are interacting with a trusted sender. So while security awareness training is proving to be effective in reducing click rates, the continually increasing rates of financial loss due to BEC tells a different story. We’re simply not doing a good job at stopping these payload-less and socially engineered attacks.

On a related note, the DBIR report also found that malware is on a consistent and steady decline over the course of the last five years. Verizon theorizes that with hacking and social breaches leading to credential theft, malware is no longer needed to maintain persistence. Malware “is a tool that sits idle in the attacker’s toolbox in simpler attack scenarios.” That said, malware often still plays a role in more complex incidents such as ransomware attacks.

BEC Continues to Grow

The data tells us that, more and more, threat actors are finding success with socially-engineered attacks. Malware detection tools are likely working—but they’re less needed, as recent attacks trend more toward social engineering.

So what does this mean? The tools we have in place to stop email attacks that carry malicious attachments or URLs to malicious websites are doing a good job. Microsoft EOP and Defender for Office 365, as well as the native security controls from Google Workspace, are effective.

Where there is a security gap is with our ability to address BEC—the payload-less, socially engineered attacks. We need a new, abnormal approach to complement the security capabilities of the cloud email platforms.

Learn more about how the Abnormal platform deployed with native API integration and stops business email compromise by requesting a demo today.

Phishing Click Rates Decline while Socially-Engineered Attacks Grow

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

 

See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

 
Integrates Insights Reporting 09 08 22

Related Posts

B Complex Case of Account Compromise Blog
Discover how Abnormal helped one organization detect the sophisticated tactics an attacker used to compromise an employee's email account.
Read More
B Cross Platform Account Takeover
Discover the dangers of cross-platform account takeover, the challenges of detecting this attack, and how to implement proactive protection against ATO.
Read More
B 5 17 24 Legal
Learn how cybercriminals use superficial disclaimers to deceive others while facilitating illegal activity on cybercrime forums.
Read More
B Cybersecurity Influencers Blog 2024
Stay up to date on the latest cybersecurity trends, industry news, and best practices by following these 15 innovative and influential thought leaders on social media.
Read More
B 5 13 24 Docusign
Cybercriminals are abusing Docusign by selling customizable phishing templates on cybercrime forums, allowing attackers to steal credentials for phishing and business email compromise (BEC) scams.
Read More
B CRN
Abnormal employees honored as CRN 2024 Women of the Channel for their influential leadership in the tech industry.
Read More