The first three quarters of 2021 were busy ones for cyberattackers, in which Proofpoint has identified nearly 5,500 campaigns that used one or more recognisable tactics and nearly 15 million phishing messages with malware payloads directly linked to later-stage ransomware.

Phishing and other social engineering attacks are increasing, including bulk phishing or commodity attacks (emails sent to many people in the organization), spear phishing or targeted attacks (emails sent to selected people), whaling or high-value targeting (like top executives), smishing (attacks using mobile text messaging as the main communication vector), vishing (attacks using voice messages or phone calls), and social media-based attacks.

There are many contributing factors to the increasing number of phishing attacks such as employer-issued electronic devices being used by workers for personal purposes and other cybersecurity habits and knowledge gaps, that warrant security training awareness to identify threats.

This report shows you the current phishing vulnerabilities and social engineering attacks that organizations face this year.