Cofense, a provider of phishing detection and response solutions, has released its 2023 Annual State of Email Security Report, which reveals the growing threats that standard email security solutions fail to detect. According to the report, there has been a 569% increase in malicious phishing emails and a 478% increase in credential phishing-related threat reports published in 2022, as observed by Cofense Intelligence. The company combines a global network of over 35 million people with artificial intelligence and machine learning to access a dataset of actionable threat intelligence. The annual report provides a comprehensive assessment of the trends the company observed in 2022 through this data.
Credential phishing is the top attack vector, with a 478% increase in malicious emails identified, according to Cofense intelligence. Other top email security trends include Emotet and QakBot remaining the top malware families, business email compromise being one of the top cybercrimes for the eighth year in a row, and an increase in the use of Web3 technologies and Telegram bots as exfiltration destinations.
The report also highlights the top five malware families that made up the highest volume of phishing campaigns disseminated in 2022: Emotet, Qakbot, Formbook, Agent Tesla, and Snake. Emotet retained its position at the top of the list, despite months of inactivity, and Qakbot continues to evolve defensive mechanisms against malware analysis.
Tonia Dudley, Vice President and Chief Information Security Officer at Cofense, emphasized the importance of staying on top of the latest trends and tactics in the evolving cybersecurity landscape. She also stated that the need for rapid and actionable intelligence has never been greater, as threats increase in frequency, intensity, and sophistication. Dudley noted that organizations must continue to evaluate ways to mitigate risk and assess what email security controls need to be added or enhanced to raise their overall security posture.