Quishing assaults, a type of phishing that leverages QR codes, have considerably elevated, climbing from a mere 0.8% in 2021 to 10.8% in 2024.
The figures come from the most recent Egress report, which additionally suggests a notable lower in attachment-based payloads, which halved from 72.7% to 35.7% over the identical interval.
In accordance with the brand new knowledge revealed as we speak, impersonation assaults have remained prevalent, with 77% masquerading as well-known manufacturers, notably DocuSign and Microsoft. Social engineering ways have intensified, constituting 16.8% of phishing assaults, whereas phishing emails have grown threefold in size since 2021, probably attributed to the utilization of generative AI.
Multi-channel assaults have capitalized on the recognition of labor messaging apps, notably Microsoft Groups and Slack. Collectively, these apps account for half of the second steps in such assaults. Microsoft Groups alone noticed a considerable 104.4% improve in 2024 in comparison with the earlier quarter.
Synthetic intelligence emerged as a potent device in cybercrime, permeating varied phases of assaults. The report predicts a surge in using deepfakes in video and audio codecs, amplifying the sophistication of cyber assaults.
“The one factor that will not change in 2024 is cybercriminals investing closely in assaults that give them the very best rewards,” commented Jack Chapman, SVP of risk intelligence at Egress.
“Some ways will keep the identical, however the place returns diminish or disappear fully, new ways will emerge. Wanting on the traits explored within the newest report, we will say with certainty that AI-powered assaults are right here to remain.”
Learn extra on cybersecurity and AI: RSA eBook Particulars How AI will Remodel Cybersecurity in 2024
Regardless of technological developments, safe e mail gateways (SEGs) lag behind, with a 52.2% improve in assaults evading detection in early 2024. This underscores the necessity for adaptive cybersecurity measures within the face of evolving threats.
Millennials have additionally emerged as prime targets for cybercriminals, receiving 37.5% of phishing emails. That is significantly true inside the finance, authorized and healthcare sectors. Social engineering ways, together with personalised assaults timed round occasions like Valentine’s Day, additional underscore the evolving panorama of cyber-threats.