Bbabo NET

Science & Technology News

BI.ZONE presented a report on phishing attacks

BI.ZONE experts stated that 68% of targeted attacks on companies begin with an email. Bulk unsolicited messages are distributed through email, including advertising spam and character flooding, malware phishing (malware), and spoofing. Such messages are sent to steal data for ransom, sell or publish information on the darknet, check whether recipients’ email addresses are active, and distribute advertising. In 2023, two-thirds of all letters in corporate traffic were illegitimate, the information service and the press service of the information security company were told.

The share of phishing emails in 2023 increased by 70% compared to 2022. One of the 137 letters belonged to this category. The main target was the transport and logistics sector, where one out of 88 emails was phishing. Transport has become the leader in the growth rate of phishing attacks. In this industry, the share of attacks increased 2.4 times at the end of the year.

In 2023, cybercriminals first used Russian remote access programs to distribute malicious files. The file itself was delivered via email.

Compared to 2022, in 2023 the share of emails with malicious attachments increased 2.4 times. The absolute leader was the industrial sector, where the number of letters with malware was almost 6 times higher than the average.

As information security specialists said, during the reported period, 80% of the malicious traffic arriving at corporate email servers was used by attackers using malware distributed according to the MaaS (malware-as-a-service) model.

The share of attacks in which an attacker impersonated a trusted source decreased in 2023, compared to 2022, by 1.5 times. BI.ZONE experts note that cybercriminals have shifted their focus, so spam and advertising (including obscene content) are sent not from fake email addresses, but through hacked legitimate accounts.

There was an overall decline in spoofing activity in 2023, but spoofing increased in specific industries. For example, the share of spoofing increased by 2.2 times in the industrial sector, in the field of transport and logistics - by 2 times, and in the field of finance and insurance - by 1.3 times.

The largest in terms of coverage was spoofing campaigns with mailings supposedly on behalf of government authorities. In addition, the top industries by the share of illegitimate emails in corporate traffic looked like this:

industry - 74%;

transport and logistics - 72%;

construction and real estate - 70%;

professional services - 70%.

BI.ZONE presented a report on phishing attacks