Subj : Phishing clicks nearly tripled in 2024 as criminals aim for smart
To   : All
From : TechnologyDaily
Date : Tue Jan 07 2025 10:45:06

Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks

Date:
Tue, 07 Jan 2025 10:23:38 +0000

Description:
Phishing awareness forced threat actors to get creative - and it's paying off.

FULL STORY
======================================================================The 
number of people clicking on links in phishing attacks increased three times 
in a year Netskope's new report argues this is because threat actors have 
evolved their tactics Cloud apps remain the number one target 

The number of workers clicking on phishing links saw a major increase in 
2024, putting businesses of all sizes at risk of compromise, new research has 
claimed. 

A report from Netskope based on anonymized usage data collected by its 
Netskope One platform, found during the year, for every 1,000 workers, there 
were 8.4 who clicked on a link in a phishing email . 

This represents a threefold increase from the year before, when just 2.9 
people did the same. Microsoft a popular target 

Netskope says the significant increase in successful phishing attempts was 
particularly down to two things: people suffering from cognitive fatigue 
(there are simply too many phishing attacks and people eventually drop their 
guard), and threat actors being super creative and adaptable, thus creating 
harder-to-detect campaigns. 

This being said, threat actors were most interested in access to cloud apps. 
These took up more than a quarter of all the clicks, with Microsofts Live and 
365 credentials being of particular interest. 

Pages targeting Yahoo and AOL were also quite widespread, while those for 
Adobe and DocuSign were used as stepping stones towards other credentials. 

Microsofts popularity as a phishing target is unsurprising because Microsoft 
365 is the most popular productivity suite by a large margin, the report 
stated. 

Phishing awareness training will also need to be revamped this year, Netskope 
suggested, since it was too focused on email, and not enough on other 
channels. 

Email was not the number one attack vector distributing these phishing links. 
Netskope thinks this is mostly because people have learned to pay attention 
to incoming emails, forcing threat actors to get creative. They know their 
victims may be wary of inbound emails (where they are repeatedly taught not 
to click on links) but will much more freely click on links in search engine 
results, the report says. 

So, instead of through emails, users were tricked on search engines (through 
SEO poisoning), as well as shopping, technology, and entertainment sites 
running referrals in comments, malicious ads, and infected sites. You might 
also like Corporate executives are being increasingly targeted by AI phishing 
scams Here's a list of the best antivirus tools on offer These are the best 
endpoint protection tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/phishing-clicks-nearly-tripled-in-2024-
as-criminals-aim-for-smarter-attacks


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.