PhishLabs Releases 2019 Phishing Trends and Intelligence Report, Highlighting The Growing Social Engineering Threat
Overall phishing attack volume grew 40.9% in 2018
Charleston, S.C., April 16, 2019 – PhishLabs, the leading provider of cybersecurity services that protect against social engineering, today released its 2019 Phishing Trends and Intelligence Report. Using data collected from millions of social engineering attacks spanning email, web, social media, SMS, and mobile channels, the report highlights the latest trends and techniques that threat actors use to exploit the employees, customers, and brands of today’s enterprises.
The findings presented in the report are designed to help security leaders and practitioners gain a better understanding of the current phishing threat landscape. Using this information, they can take proactive steps to reduce the risk of breaches, online fraud, and brand abuse.
“The wide range of digital channels we use in our everyday lives makes phishing the most versatile and low-cost weapon in the cybercrime arsenal,” said PhishLabs Founder and CTO, John LaCour. “It comes as no surprise that phishing is involved in most credential theft, malware, and online fraud attacks.”
Among the key findings in this year’s report, PhishLabs identified that phishing volume increased 41% in the last year. The company also noted that 98% of attacks that made it past enterprise email security controls and into user inboxes did not contain malware, which suggests that these controls fail to effectively detect and block credential theft and email scam phishing attacks such as Business Email Compromise (BEC attacks).
Key findings of the PhishLabs 2019 Phishing Trends and Intelligence Report include:
- Phishing attack volume grew 40.9% in 2018
- 83.9% of attacks targeted credentials for financial, email, cloud, payment, and SaaS services
- The use of free website infrastructure to stage and launch attacks grew substantially
- 98% of attacks that made it past enterprise email security controls and into user inboxes contained no malware
- The most effective lures in simulated phishing exercises were Financial/HR and Ecommerce
Leading up to the release of the report, PhishLabs hosted a webinar to discuss the identified key findings. Led by Founder and CTO John LaCour, the company provided additional insight into the largest shifts into the evolving phishing threat. To access the on-demand webinar, register at https://info.phishlabs.com/2019-pti-report-webinar-evolving-threat-actor