How have phishing attacks evolved in 2023?

Learn the top phishing threat trends in email security

Key phishing threat stats for 2023

The report highlights:

72% of organisations are concerned about chatbots enabling more convincing phishing attacks that trick users through automated conversations.

55% of phishing emails now use obfuscation techniques like HTML encoding and text randomisation to disguise malicious content and bypass email security systems.

71% of phishing emails generated by AI manage to get through and evade detection. AI can effectively mimic writing styles and patterns.

The use of compromised accounts is increasing. The report found an 11% rise in phishing attacks originating from compromised email and social media accounts.

Alarmingly, 48% of attacks missed by Microsoft came from compromised accounts that appeared legitimate.

The evolution of phishing attacks

Chatbot use in phishing attacks:
Phishing attacks have taken advantage of the widespread adoption of chatbots in various industries. These automated conversational agents have become a popular platform for cybercriminals to launch their deceptive campaigns. Organisations must recognise the potential risks associated with chatbots and implement robust security measures to mitigate these risks. Educating employees about the dangers of interacting with suspicious chatbot messages and implementing stringent authentication protocols can help prevent successful phishing attacks.

Obfuscation techniques in phishing emails:
Obfuscation involves the deliberate manipulation of email content, making it challenging for traditional perimeter detection systems to identify malicious intent.

Cybercriminals use techniques such as HTML encoding, randomising text, and embedding malicious links within seemingly innocuous content to trick users into divulging sensitive information. To counter these techniques, organisations need to invest in advanced email security solutions that employ machine-learning algorithms to detect and block obfuscated phishing emails.

AI-generated phishing attacks:
As AI technology continues to advance, cybercriminals have started leveraging its capabilities to create sophisticated and convincing phishing attacks. The Phishing Threat Trends Report highlights that 71% of AI-generated email attacks go undetected, making them a significant concern for organisations.

AI-powered phishing attacks can mimic the writing style, tone, and even email habits of legitimate users, making them incredibly challenging to identify. Organisations must deploy advanced AI-driven email security solutions capable of detecting and neutralising these AI-generated phishing attacks effectively.

The rise of compromised accounts:
Another concerning trend identified in the report is the increase in phishing attacks sent from compromised accounts. Research shows that there has been an 11% increase in phishing attacks originating from compromised accounts in 2023. Shockingly, 48% of the phishing attacks that Microsoft’s detection missed were sent from compromised accounts.

The use of compromised accounts adds an additional layer of complexity to phishing attacks, as they appear legitimate and bypass traditional perimeter detection systems. Organisations must prioritise the implementation of multi-factor authentication, robust password policies, and regular security awareness training to mitigate the risks associated with compromised accounts.

Graymail and its impact on cyber security:
Graymail, categorised as bulk but solicited emails such as notifications, updates, and promotional messages, poses a unique challenge to email security. On average, one-third (34%) of mail flow consists of graymail, making it an attractive target for cybercriminals seeking to disguise phishing emails within busy mailboxes.

Impersonation attacks mimicking graymail messages, such as SharePoint and social media notifications, have seen a significant increase in recent years. These attacks prey on users’ trust in legitimate notifications, increasing the likelihood of successful phishing attempts. Organisations must implement robust email filtering solutions capable of detecting and blocking these impersonation attacks effectively.