Cybersecurity News in Asia

Features
- Featured
  
  Combating deepfake fraud during elections
  
  Tuesday, November 26, 2024, 12:03 PM Asia/Singapore | Features
- Featured
  
  Will the billions lost in financial scams lead to better vigilance and accountability?
  
  Tuesday, November 19, 2024, 2:30 PM Asia/Singapore | Features, Newsletter
- Featured
  
  Impact of downtime and security workflows on cloud strategies
  
  Tuesday, November 19, 2024, 2:26 PM Asia/Singapore | Features, Newsletter
News
- Featured
  
  What Q2 2024 phishing trends were detected in one email defense solution?
  
  Thursday, November 28, 2024, 9:01 AM Asia/Singapore | News
- Featured
  
  Which countries have been “most prepared for data security threats” in 2024?
  
  Thursday, November 28, 2024, 8:55 AM Asia/Singapore | News, Newsletter
- Featured
  
  Sextortion phishing may have been getting more personal lately
  
  Tuesday, November 26, 2024, 9:59 AM Asia/Singapore | News, Newsletter
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

What Q2 2024 phishing trends were detected in one email defense solution?

By CybersecAsia editors | Thursday, November 28, 2024, 9:01 AM Asia/Singapore

Impersonation, social engineering, and use of compromised accounts to bait potential victims were some trends examined

Based on its own email protection incidence data, a cybersecurity firm has noted to phishing attacks in its client base had increased by 28% in Q2 2024.

Threat actors had been using a wide range of methods to trick users into engaging. However, one common tactic is the use of social engineering to impersonate someone the potential victim may know, or using a compromised account.

Of the Q2 phishing emails analyzed, 44% had been sent from compromised accounts. Phishing payloads have included malicious links (45%), malicious attachments (23%) or social engineering tactics (20%).

Among emails comprising impersonation attacks, 36% employed malicious links, 45% had used malicious attachments, and 15% used purely social engineering tactics. However, between 1 January and 31 August 2024, the data showed that 26% of emails had appeared to be sent from brands that were not connected to the recipient via an established business relationship. This included impersonating phone or video conferencing providers (9.7%) and impersonating mail carriers (5.3%) as part of established “missed voicemail” and “missed delivery” campaigns. The next most popular attack were ones impersonating the firm that the recipient was working for (16%). HR was the most impersonated department in these types of attacks, with cybercriminals taking advantage of employees being quick to click on supposed benefit packages or similar bait.

In the Q2 data, employees accurately identified and reported phishing emails 29% of the time.

According to Stu Sjouwerman, CEO, KnowBe4, the firm that published the internal data findings of its subsidiary Egress Defend : “These are all methods to establish credibility to get the victim recipient to click, open, or respond to a phishing email, something that should be taught with security awareness training. Analysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
Mitigating Ransomware Risks with GRC Automation
In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper
2024 Gartner® Magic Quadrant™ for SD-WAN
Gartner® has positioned Fortinet highest for Ability to Execute for the fourth year in a …Download Whitepaper
5 Cybersecurity Dashboards for CISOs
Are you ready to transform your cybersecurity approach? With Commugen's 5 Cybersecurity Dashboards for CIOs, …Download Whitepaper

Middle-sidebar-banner

Case Studies

Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Read more
Unlock Your Guide to Securing Business Critical Secrets
Is your organization effectively managing access to sensitive secrets like credentials, API keys, and certificates …Read more
RBL Finserve boosts control of growing number of identities in its multi-cloud environment
By adopting a third-party identity security platform, the Indian financial institution expects to leverage zero …Read more
MAX Solutions safeguards data for digital transformation with Veeam
One of the largest employment providers in Australia needed to protect data while reducing complexity …Read more

Cybersecurity News in Asia

Featured

Combating deepfake fraud during elections

Featured

Will the billions lost in financial scams lead to better vigilance and accountability?

Featured

Impact of downtime and security workflows on cloud strategies

Featured