Greater than 9 in 10 (92%) organizations skilled a mean of six credential compromises brought on by email-based social engineering assaults in 2023, in keeping with a brand new report by Barracuda.
Scamming and phishing continued to make up the overwhelming majority (86%) of social engineering assaults final yr.
There have been some notable developments in how attackers are concentrating on customers through social engineering methods:
- Dialog hijacking: That is the place attackers compromise enterprise accounts by means of phishing assaults, after which monitor the compromised account to know enterprise operations and to study offers in progress, cost procedures and different particulars. This info is leveraged to craft authentic-looking and convincing messages from the impersonated domains to trick victims into wiring cash or updating cost info. Dialog hijacking solely made up 0.5% of social engineering assaults in 2023, however this represents a virtually 70% rise in comparison with 2022.
- Enterprise electronic mail compromise (BEC): These assaults, wherein the hacker sometimes impersonates an execute to trick workers to switch cash, usually through present playing cards and wire transfers, made up 10.6% of social engineering assaults final yr, up from 8% in 2022.
- Extortion: These assaults contain hackers threaten to show delicate or embarrassing content material to their victims’ contacts until a ransom is paid out. Extortion assaults made up 2.7% of the full social engineering assaults in 2023.
Attackers Evolving Use of Respectable Providers
The Barracuda report highlighted the evolving use of legit companies to focus on workers through these social engineering methods.
Gmail was by far essentially the most used electronic mail area for social engineering assaults, making up 22% of assaults final yr.
The following mostly used free webmail companies by hackers have been Outlook (2%), Hotmail (1%), iCloud (1%) and Mail.com (1%). All different domains made up 73% of assaults.
Assaults that used Gmail have been notably skewed in the direction of BEC, with greater than 50% Gmail assaults used for this goal.
Scamming accounted for 43% of assaults utilizing Gmail in 2023.
The researchers additionally discovered that cybercriminals are more and more leveraging common business URL shortening companies to embed malicious hyperlinks in phishing emails.
This tactic may help disguise the true nature and vacation spot of the hyperlink as they usually seem to come back from legitimate-looking websites.
Probably the most broadly used URL shortening service final yr was bit.ly, which was leveraged in almost 40% of assaults that included a shortened URL.
The following mostly used of those companies was from X (previously Twitter), utilized in 16% of assaults that included a shortened URL.
This marks a significant change in comparison with earlier analysis in 2020, when X’s shortening service was utilized in round two-thirds of those assaults (64%), and bit.ly in simply 3%.
One other notable development highlighted within the report was a major rise in QR code phishing assaults in late 2023. Round 5% of mailboxes have been focused with QR code assaults within the final quarter of the yr.
In these assaults, cybercriminals embed the QR codes in phishing emails, prompting customers to scan the code and go to a pretend web page that seems to be a trusted service or utility. These pages are sometimes designed to trick customers into downloading malware or enter their login credentials.
The researchers famous that QR code assaults are tough to detect utilizing conventional electronic mail filtering strategies as there is no such thing as a embedded hyperlink or malicious attachment to scan.
QR codes despatched through electronic mail additionally take victims away from company machines and drive them to make use of a private machine, resembling a cellphone or iPad, which isn’t protected by company safety software program.
