Positive Technologies presented a report on phishing attacks on organizations for 2022-2023

Positive Technologies experts presented an analysis of phishing attacks on organizations in 2022-2023 at the Cybersecurity in Finance forum, which the Habr information service attended. According to the study, the phishing-as-a-service business model has become common practice. The experts predict that artificial intelligence will play a growing role both in phishing attacks and in countering them.

According to the research data, the goal of 85% of all phishing attacks is to obtain data, including 26% carried out for financial gain. Among the criminals, the experts single out hacktivists, whose activity continues to gain momentum worldwide. According to the company's experts, because the price of the "phishing as a service" business model has fallen, beginners without special knowledge or skills have been able to use it more often.

Analysis of messengers and forums on the dark web that mention social engineering showed that ready-made phishing projects, tools for conducting phishing attacks, and services for developing phishing pages became popular categories among requests and offers.

In 92% of cases, sophisticated multi-level phishing attacks are carried out via e-mail; in 8% of cases messages in messengers are added to the e-mail, and in 3% of cases SMS messages.

Oleksiy Lukatsky

Business consultant on information security at Positive Technologies

“We see the automation of attack processes with the help of AI tools as the main vector of phishing development. They are gaining more and more popularity and are used both by criminals (to prepare and implement phishing attacks) and by information security specialists (to counter cyber threats). With the help of AI, cybercriminals maintain a meaningful dialogue with the victim, generate convincing phishing messages, create deepfakes of voices, images and videos.”

State institutions were the victims in 44% of attacks, defense enterprises in 19%, and organizations in the field of science and education in 14% of phishing attacks. According to the study, in 26% of attacks the attackers impersonate contractors.

Kateryna Kosolapova

Analyst of the research group of the Information Security Analytics Department of Positive Technologies

“Phishers send fake reconciliations, invoices, contract extension documents and other data related to interactions with contractors. The popularity of this trick is explained by the fact that it is applicable to almost all organizations and involves the presence of links or attachments in the message. In 58% of attacks, such baits did not contain links to a specific industry. At the same time, this topic is used most often in targeted attacks on medical, financial, industrial and telecommunications organizations.”

To prevent, detect and respond to phishing threats, the experts suggest that organizations:

  • implement information security fundamentals training for employees;

  • conduct phishing simulations;

  • use reputation mechanisms based on SWG (secure web gateway), NGFW (next-generation firewall), SASE (secure access service edge) and EDR (endpoint detection and response) solutions;

  • use sandboxes for e-mail traffic, along with the phishing protection built into popular browsers or provided by additional plugins for them;

  • not neglect the classic principles of digital hygiene on personal computers and mobile devices (for example, perform regular updates and grant programs a minimum set of privileges).
