Must Know Phishing Email Statistics (2024)

Around 3.4 billion malicious emails are sent daily, accounting for about 1.2% of all emails. Before looking into the details of email phishing for 2023, it is essential to take a moment to look at successful phishing attacks in 2022.

According to the 2022 IBM global security report, email phishing resulting in credential theft is still at the top of the list at 19%.

Stopping email phishing attacks in 2023 requires additional protection layers beyond the basic behavior analytics and static rules in Secure Email Gateway (SEG) devices.

Platforms from AI-Powered email security firm Trustifi enabled several inbound filters based on mature AI engines.

With a proven AI-enabled security layer, Trustifi continues to help clients worldwide as hackers continue to use AI-powered email phishing attacks.

What other email phishing trends from 2022 will continue to be a growing problem in 2023?

Why Are Phishing Email Statistics Critical for Organizations to Pay Attention To?

As more organizations adopt digital transformation strategies, including more cloud-based applications, protecting user credentials becomes even more paramount. Credential theft is one of the biggest targets in the corporate network. This attack makes up a considerable portion of the 2023 email statistics.

What Industry in 2023 Will Be Statistically More Affected by Email Phishing?

According to the data collected by Statista, here is a breakdown of which industries continue to be the top target for email phishing attacks.

Financial Industry 23%

Financial services continue to lead the pack statistically in email phishing schemes. Hackers know where the money is and will focus a good amount of the global AI-powered hacking resources on banks, financial institutions, credit unions, automotive dealerships, and insurance companies. Anyone in the financial services space stores vast amounts of personally identifiable information (PII).

Hackers using ChatGPT generated an increase in phishing messages targeting these firms to gain access to their clients’ financial records. Even with the number of privacy and compliance mandates, email phishing attacks against financial institutions are still a global problem, specifically ransomware attacks from malware delivered through the email channel.

Software-as-a-Service 17%

Many SaaS-based applications hosted by vendors use Security Assertion Markup Language (SAML). Enterprise organizations widely use SAML to simplify user login to various Software-as-a-Service (SaaS) application sites. SaaS vendors supporting SAML credentials make the login process much easier for the user.

The site accepts SAML credentials, including the user’s email address and a password. Knowing this, hackers will target user credentials through spear phishing emails or other forms of phishing to gain access to several of a victim’s web accounts using SAML credentials. Once a SAML credential is compromised, the hacker gains access to several accounts through a single login.

E-Commerce 11%

Amazon.com, Microsoft.com, and Apple.com host some of the e-commerce portals in the world. These sites process billions of dollars in financial transactions each day. Hackers will focus some phishing scams against the more significant e-commerce players. However, small-to-mid-size sites pose a greater risk.

Small businesses hosting their websites on Godaddy.com, Square.com, and others such as Shopify are frequent targets of hackers. Leveraging email as a distribution channel for malware, hackers will use AI-enabled attack velocity resources to adjust their kill chain based on which sites seem easiest to exploit. AI gives hackers a significant advantage by letting them alter their email phishing content faster and change their scope of attack within seconds. This rapid change is often overwhelming for small e-commerce sites.

Social Media Platform 4%

Facebook, LinkedIn, and Twitter (X) face continuous attacks by global hackers. Many attack these sites as a sign of protest against their data-sharing exploits along with policies around censorship. However, hackers will also use social media channels for social engineering. Attackers commonly use a fraudulent email for phishing purposes, with many attacks starting with a “warm contact” or “probe” email.

Warm contact emails aim to confirm the victim’s email account and gather additional information for future targeted attacks. A cybercriminal is more likely to manipulate a victim into trusting them if they have extensive knowledge about the victim.

Leveraging well-crafted Gmail phishing emails, hackers will use various communication methods within social media to contact their victims as part of a more complex business email compromise or a financial scam.

Where does most of the global spam originate from?

Top Five Origin Countries Sending The Most Spam?

As of January 2023, here are the top origin countries sending spam:

  • USA (8 billion per day)
  • Czech Republic (7.7 billion per day)
  • Netherlands (7.6 billion per day)
  • France (7.5 billion per day)
  • Russia (7.4 billion per day)

Source: https://www.statista.com/statistics/1270488/spam-emails-sent-daily-by-country/

Why is Knowing Email Phishing Statistics Critical for the Organization?

According to the report by Stanford University, “The Psychology of Human Error,” 88 percent of data breaches are caused by human error. This statistic continues to align with the problem security professionals have with their user base still clicking on phishing emails, resulting in ransomware, malware, and data theft.

A recent study found that 26% of surveyed organizations experienced an increase in email threats, with 88% of those falling victim to ransomware. This trend suggests a troubling correlation between these two types of attacks. Ransomware continues to grow with the rise in phishing attacks, which remain a primary infection vector even with advanced spam filters and security awareness training.

AI and machine learning benefit research, but hackers can also use them for advanced attacks. Not all attacks are the same. Misconfiguration of systems, including firewalls, IDS, and encryption, also increases the percentage of successful attacks by hackers.

What is the Current and Future State of Email Phishing?

Even with increases in challenges with the human element, deceptive phishing emails continue to be the primary attack vector, resulting in email account compromise, credential phishing, and propagation of malicious code. These next-generation, AI-enabled attacks will drive up the cost of phishing attacks in 2023.

In 2023, LinkedIn has grown to become a key target for hackers. Cybercriminals use social engineering attacks to gain access to key executives. Scammers claiming to be recruiters for Apple, Amazon, and Microsoft to gain access to job candidates’ personal information are also on the rise. As many people departed from their jobs during COVID-19, many have used LinkedIn extensively to build their networks for future employment.

Attacks impersonating LinkedIn will continue to rise, along with those impersonating other social media domains, including Facebook, Twitter (X), and Google. AI-powered email security is needed to help stop these complex domain impersonation attacks.

How Trustifi Detected and Stopped AI-Powered Attacks.

Trustifi successfully detects and quarantines this phishing campaign email using multiple metrics, including headers and links.

Trustifi has several proprietary phishing metrics and multiple AI-engine malicious tags, including recognizing impersonation domain attacks.

  • Text-based analysis using sophisticated AI catches many impersonations, spoofing, spear phishing threats, and BEC (Business Email Compromise)
  • Full URL and file scanning (URL protection blocks malicious URLs from any device)
  • AI filters to keep mailboxes clean of SPAM/GRAY emails to prevent phishing attacks (spam filtering)

Why Trustifi?

Trustifi is a cyber security firm featuring solutions delivered on a software-as-a-service platform. Trustifi leads the market with the easiest-to-use and easiest-to-deploy email security products, providing both inbound and outbound email security from a single vendor.

As a global cybersecurity provider of both inbound and outbound email protection, Trustifi currently supports customers from countries including the USA, Canada, Brazil, the Dominican Republic, the UK, the Netherlands, India, the UAE, China, Japan, Cyprus, the Philippines, and more. The company has also developed “One-Click Compliance” capabilities that cater to world security regulations, including PDPO for Hong Kong, POPI for South Africa, GDPR for Europe, and LGPD for Brazil.
