Sending deceptive and malicious links is the number one email attack tactic, comprising more than 35% of total attacks. Bad actors are becoming even more creative in getting users to click on such links, a new Cloudflare report has shown.
The report further states that identity deception-based threats are on the rise, with close to 40 million detected instances between May 2022 and May 2023. Attackers mainly impersonate trusted brands and entities. In over 60% of cases, attackers pose as one of 25 top organisations such as Google, Amazon, and Salesforce. Notably, Microsoft has emerged as the most impersonated brand. A separate report by market research firm Check Point for Q2 2023 also mentioned that Microsoft is the most impersonated brand for phishing scams, accounting for about 30% of all attempts.
“Attackers are constantly evolving their tactics. Multiple protection layers must be enacted before, during, and after messages reach the inbox. Cloudflare never inherently ‘trusts’ any type of email communication. Likewise, we recommend that — first and foremost — all organizations extend the Zero Trust security model of ‘never trust, always verify’ not just to the network and applications, but also to the email inbox,” the Cloudflare blog said.
Business email compromise (BEC) is a malware-less attack that deceives recipients, mostly through requests to transfer funds. Email phishing is a lucrative attack tactic and forms a large portion of overall cyber attacks. BEC has seen a surge in the last few years, with threat actors increasingly leveraging cybercrime-as-a-service (CaaS) to carry out malicious activities. Between 2019 and 2022, there was a 38% increase in CaaS targeting business emails, as per Microsoft’s Cyber Signals report in May. CaaS is a service model where threat actors sell their services and tools.