Cloudflare Harnesses the Power of its Global Network to Identify Top Exploited Phishing Methods and Most Impersonated Brands in Inaugural Report
August 18, 2023Cloudflare, Inc. released its inaugural 2023 Phishing Threats Report. The findings highlight that phishing remains the most dominant and fastest growing Internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today’s threat actors.
While business email compromise (BEC) losses have topped $50 billion, corporate organizations are not the only victims that attackers are after. The real implications of phishing go beyond Fortune 500’s and global companies, extending to small and local organizations as well as the public sector. For instance, in this year’s report, Cloudflare observed more email threats targeting political organizations. In the three months leading up to the 2022 US midterm elections, Cloudflare’s email security service prevented around 150,000 phishing emails from making their way to campaign officials.
Regardless of an organization’s size, industry or sector, the report revealed that threat actors who leverage phishing campaigns have two major objectives. First and foremost, the goal is to achieve authenticity and legitimacy in the eyes of the victim. Second, is to persuade victims to engage or click. These objectives are underscored by the key findings of the report, including:
- Malicious links were the #1 threat category, comprising 35.6% of detected threats
- Identity deception threats are on the rise – increasing YoY from 10.3% to 14.2% (39.6 million) of total detections
- Attackers posed as more than 1,000 different organizations in over 1 billion brand impersonation attempts. The majority of the time (51.7%), they impersonated one of 20 well-known brands
- The most impersonated brand happens to be one of the most trusted software companies: Microsoft. Other top companies impersonated included Google, Salesforce, Notion.so, and more
- One-third (30%) of detected threats featured newly registered domains – the #2 threat category
- Email authentication doesn’t stop threats. The vast majority (89%) of unwanted messages “passed” SPF, DKIM, or DMARC authentication checks
“Phishing is an epidemic that has permeated into the farthest corners of the Internet, preying on trust and victimizing everyone from CEOs to government officials to the everyday consumer,” said Matthew Prince, CEO at Cloudflare. “Email messages and malicious links are nefarious partners in crime when it comes to the most common form of Internet threats. Organizations of all sizes need a Zero Trust solution that encompasses email security – when this is neglected, they are leaving themselves exposed to the largest vector in today’s threat landscape.”