Impersonation Becomes Top Phishing Technique
A new report finds IT, healthcare, and manufacturing are the industries most targeted by phishing emails.
Impersonation and credential harvesting attacks are most common among phishing attackers this year, according to new research.
Avanan's 2021 Global Phish Cyber Attack Report finds credential harvesting is used in 54% of all phishing attacks and is up nearly 15% compared to 2019. Researchers also found 20.7% of all phishing attacks are business email compromise (BEC), and only 2.2% are extortion.
Analysis revealed the most targeted industries are IT, healthcare, and manufacturing. IT saw more than 9,000 phishing emails in a one-month span, out of an average of 376,914 total emails. Healthcare received more than 6,000 phishing emails, out of an average of 451,792 total emails; and manufacturing saw just under 6,000 phishing emails, out of an average of 331,184 total emails.
Impersonation is also a top technique among fraudsters. In 51.9% of all impersonation emails, criminals attempted to impersonate a non-executive in the organization. Non-executives are targeted 77% more often than C-level execs, researchers found. The most common tactic is using non-standard characters and limited sender reputation. Non-standard characters are used in 50.6% of phishing links and 84.3% of phishing emails do not have a significant historical reputation with the victim.
The full report can be found here.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024