Security awareness training (SAT) and simulated phishing works to significantly reduce cybersecurity risk. We have the data, customer testimonials and government recommendations to prove it. Social engineering, especially as enabled by email, text messages, the web and phone calls, is involved in the vast majority of cybersecurity attacks. No other root initial access hacking method comes close.

Research has revealed that since 2021 there has been a material increase in QR code phishing (or ‘quishing’), as cybercriminals continue to exploit available technology and their widespread familiarity. The once rare payload is nearly fourteen times more common in 2024 than it was three years ago, accounting for only 0.8% of attacks in 2021. This figure jumped to 1.4% in 2022, a staggering 12.4% in 2023, and has plateaued at 10.8% from January to March 2024.

The Evolution of Email Threats Email has long been a favored vector for cyber attacks. From the early days of simple phishing scams to the more advanced spear-phishing campaigns, email threats have consistently evolved. However, the integration of AI has brought about a paradigm shift in both the complexity and frequency of these attacks. AI-Powered Phishing Phishing attacks have traditionally relied on mass-distribution strategies, hoping to catch a small percentage of victims.

The China-aligned threat actor “Sharp Dragon” is launching spear phishing attacks against government entities in African and Caribbean countries, according to researchers at Check Point. “In recent months, we have observed a significant shift in Sharp Dragon’s activities and lures, now targeting governmental organizations in Africa and the Caribbean,” the researchers write.

The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that your company depends on for a particular first-party service (such as your website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.

Fluctuations in consecutive quarterly reports demonstrates that organizations should be worried that their cyber defenses may not be strong enough to stop phishing attacks. I wrote an article back in April of last year about how 1 in 8 emails make it to a user’s Inbox. That number has remained relatively consistent — so much that even the Threat Insights Report for Q1 2024 from HP Wolf Security shows that stat is still accurate. But then there’s the Threat Insights Report for Q4 2023.

Several phishing campaigns are targeting users of the Foxit PDF Reader, according to researchers at Check Point. Foxit is a popular alternative to Adobe Acrobat Reader for viewing PDF files. “Check Point Research has identified an unusual pattern of behavior involving PDF exploitation, mainly targeting users of Foxit Reader,” the researchers write. “This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands.

Netskope Threat Labs is tracking multiple phishing campaigns that abuse Cloudflare Workers. The campaigns are likely the work of different attackers since they use two very different techniques. One campaign (similar to the previously disclosed Azorult campaign) uses HTML smuggling, a detection evasion technique often used for downloading malware, to hide the phishing content from network inspection.

In Q1 2024, we saw an evolution in techniques used by attackers, some of which may point to longer term trends in the variation and sophistication of attacks faced by organizations. In particular, with regards to phishing, we saw SMS and voice-based tactics being used, which raises concern around the potential for deep fakes and AI-type technologies to further enhance the effectiveness of phishing attacks.

Two positive steps were taken last month to limit the damage caused by phishing and Business Email Compromise (BEC) attacks when a joint action by UK and EU law enforcement agencies compromised the infrastructure of the phishing-as-a-service operation LabHost and a major BEC operator was convicted in US Federal Court. While law enforcement operations are integral to defeating cybercrime, disrupting one or two adversary groups does not minimize the threat.