As social media phishing reaches new heights, new data reviewing 2023 shows a massive effort by cybercriminals to leverage impersonation of social media brands. Cybercriminals are no longer just targeting your corporate network. Due to the rise of the cybercrime economy, there are a growing number of cybercriminal gangs strictly going after initial access (that can be sold to other cybercriminals).

According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid credentials exceeded phishing as a top threat for the first time. I love IBM, but they are mixing up root causes and outcomes of root causes. What I mean is that you have to ask yourself how the credentials were stolen in the first place. Were they stolen from the user or a website? Were they guessed at?

New analysis of a phishing campaign shows how cybercriminals use brand impersonation of the platforms they need to compromise accounts and takeover legitimate services. Every day there seems to be a new term for yet another creative attack technique. The latest is phishception (a play on words from the movie Inception) coined by security analysts at cybersecurity company Netcraft.

I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the hacker/malware space since I began. The same threats that were a problem then are the same problems now. Social engineering and unpatched software (and firmware) have long been the two biggest initial root causes for hacking…for decades.

For the first time, analysis of ransomware payments made in a single year tops $1,000,000,000. This signals a massive return to more frequent, sophisticated, and successful attacks. Each year, blockchain analysis company, Chainalysis, reports on ransomware payments based on the payments made to digital wallets known to belong to cybercriminals and cybercriminal gangs.

Emails are still the most common delivery method for malicious files, according to Check Point’s Cyber Security Report for 2024. “Email-based attacks continue to be the dominant initial infection vector,” the report says.

Attacks targeting Swiss residents increased 10% last year, according to newly-released data that shows a growth in not just phishing attacks, but brand impersonation at purely a national level. The Swiss Federation’s National Cyber Security Centre (NCSC) hosts a phishing site reporting tool where individuals and businesses can report suspicious websites and emails. They analyze and track reports, consolidating their findings annually into their Anti-Phishing Report.

A single account being phished caused millions of French healthcare policyholder records to be breached. I’ve said it before… it only takes one phish. And in the case of French payment processor, Malakoff Humanis, a single click enabled a cyber attack was the catalyst for a data breach that occurred earlier this month, according to their post on LinkedIn (press See Translation for a localized version of the post).