The SlashNext State of Phishing Report 2023 has unveiled a concerning trend in the cybersecurity landscape, revealing a 1265% surge in malicious phishing emails since Q4 2022.
The annual report, compiled by SlashNext Threat Labs, encompasses an analysis of threats observed across email, mobile and browser channels over 12 months, from Q4 2022 to Q3 2023. The report also emphasized a noteworthy 967% increase in credential phishing attacks.
Patrick Harr, CEO of SlashNext, has attributed these figures to the growing role of generative AI.
“We know from our research that threat actors are leveraging tools like ChatGPT to help write sophisticated, targeted Business Email Compromise (BEC) and other phishing messages, and an increase in the volume of these threats of over 1,000% corresponding with the time frame in which ChatGPT was launched is not a coincidence,” the executive said.
“Our aim is not to overstate or exaggerate the threats stemming from generative AI, but to help our customers and the cybersecurity community at large understand the true dangers and respond appropriately.”
Read more about similar threats: Phishing Sites and Apps Use ChatGPT as Lure
Other key findings include an average of 31,000 daily phishing attacks, with 68% of these identified as text-based BEC. The research, inclusive of a survey involving over 300 cybersecurity professionals, indicates that 46% of respondents have encountered BEC attacks.
Furthermore, 77% of these professionals have been the subject of phishing attempts, with 28% of those attacks being delivered through text messages. Mobile-based attacks include a notable 39% classified as SMS phishing (Smishing).
The report emphasized the evolution of the threat landscape, specifically highlighting the growing significance of mobile-based and multi-stage attacks. It underscores the urgency for organizations to adopt comprehensive protective measures, with an increasing reliance on AI-driven solutions to counter the proliferation of AI-fueled cyber-threats.
“The threat landscape is shifting incredibly fast now with the introduction of AI to the game,” commented Mika Aalto, co-founder and CEO at Hoxhunt. “But the good news is that AI can also be used to defend against sophisticated attacks, and we’ve seen that good training continues to have a protective effect against AI-generated threats.”
Image credit: kovop / Shutterstock.com