Phishing typically involves impersonation of a trusted individual or brand. In email phishing, the sender’s email address is often spoofed to make it appear that the messages have been sent from a legitimate domain, the emails often include the spoofed company’s logo, the color scheme used by that company, and the messages themselves are often very similar to the official emails sent by that brand.
It stands to reason that the most commonly impersonated brands are large tech companies, as more people are familiar with those companies and use their products and services. It should not come as a surprise to hear that the most impersonated brand in Q1, 2024 was Microsoft, which was impersonated in 38% of all phishing attacks, according to data from Check Point Research, up from 30% of attacks in the previous quarter. Google was the second most impersonated brand and was impersonated in 11% of phishing attacks, up from 8% in Q4, 2023.
Phishing attacks impersonating Amazon fell from 9% in Q4, 2023 to just 3% in Q1, 2024. The fall in attacks can be explained by fewer online sales after the holiday period, with phishers favoring other brands at the start of the year. There was an increase in attacks impersonating LinkedIn to target job seekers in response to an increase in job hunting in the New Year. LinkedIn rose to third place and was impersonated in 11% of attacks. Another seasonal increase was a rise in attacks impersonating Airbnb, which made it into the top 10 most impersonated brands, likely due to the increase in holiday bookings in the New Year.
Cybercriminals often change tactics and respond to seasonal changes, such as increasing attacks impersonating delivery firms and online retailers in the run-up to the holiday season, and piggyback on the popularity of major news stories and sporting events. This year is an Olympics year, and the European Football championships will be held in Germany in June. Lures related to these events are certain to be used as interest grows over the coming weeks as the events draw closer.
What is clear from phishing data is attacks are becoming more numerous and more sophisticated. According to tracking data by the Anti-Phishing Working Group (APWG), there were more than five million phishing attempts reported in 2023, the highest total ever recorded by APWG. Attacks against social media platforms showed a marked increase as the year drew to an end and accounted for almost 43% of all phishing attacks.
QR code phishing is also increasing. QR codes are used to send traffic to malicious URLs, and they are highly effective for phishing. Email security solutions typically check embedded hyperlinks against lists of known malicious domains, with many following hyperlinks and assessing the sites that users are redirected to. Many email security solutions, however, lack the capability to read QR codes, so the messages often end up in inboxes where they can be opened by end users.
It is not only email phishing that is increasing. Vishing – voice phishing attacks continue to rise and there was a major increase in Business Email Compromise (BEC) attacks, which the APWG data shows increased by 24% compared to the previous quarter. As phishing attacks increase in number and sophistication, businesses need to ensure that their defenses are capable of blocking these threats and that their employees are trained to be on high alert and constantly look for the signs of phishing in all communications.
One of the most important protective measures for businesses is to have an effective Office 365 spam filter. The anti-spam and anti-malware protections put in place by Microsoft and included with all licenses (EOP) are effective at blocking spam and known malware, but it is not so effective at blocking zero-day phishing and malware threats, many of which land in users’ inboxes. The more advanced protection that is provided with Microsoft’s E5 premium license improves phishing detection considerably, yet even this measure does not block many sophisticated phishing attempts. As such, many businesses are keen to improve the Office 365 spam filter and look for a third-party cybersecurity solution.
An increasing number of businesses are signing up for advanced AI- and machine learning-driven protection from TitanHQ to improve protection for Microsoft 365 environments. The engine that powers two of TitanHQ’s most popular cybersecurity solutions – SpamTitan and PhishTitan- has VBSpam+ certification from Virus Bulletin and in Q1, 2024 tests, was found to have a spam catch rate of 99.983%, a phishing catch rate of 99.914%, a malware catch rate of 99.51%, and a false positive rate of 0.00%. Overall, the engine got a 99.983% overall score.
SpamTitan is a cost-effective, easy-to-use email security solution for stopping phishing attacks, spam, malware, and ransomware. The solution features AI-based phishing protection via the newest zero-day threat intelligence, double malware protection with two antivirus engines, a next-generation sandbox for analyzing the behavior of messages to identify zero-day threats, and the solution is easy to integrate with Microsoft 365 to improve protection.
PhishTitan is a cloud-based, next-generation phishing protection and remediation solution that has been developed for use with Microsoft 365 that can identify and block the advanced phishing threats that Microsoft misses. PhishTitan has a high detection accuracy and uses AI to assess the content, tone, and meaning of emails to identify unusual, suspicious, and malicious messages. The solution also adapts to constantly evolving phishing tactics.
URLs in phishing emails are rewritten to identify their true destination, are compared to an extensive range of intelligence feeds, and the solution provides time-of-click protection against malicious links in emails. The solution also learns from user feedback to further improve accuracy and applies banners to emails warning about potentially malicious content and can be used by IT teams to automate the remediation of phishing emails from inboxes.
Phishing attacks are getting more sophisticated and tactics are constantly changing, but with the advanced protection provided by SpamTitan and PhishTitan that significantly improves the Microsoft 365 spam filter, businesses will be prepared. Give the TitanHQ team a call for more information, to arrange a product demonstration, or to sign up for a free trial to put the solutions to the test.