Cofense, a provider of phishing defense solutions, has released its Q1 2023 Active Threat Report. The report reveals a 20% increase in malicious email threats compared to the previous quarter, with a 34% increase from Q1 of last year. The report also highlights key takeaways from the quarter, including the rise of Telegram bots in malicious campaigns and a volatile increase in credential phishing throughout the quarter.
Qakbot remained the most successful malware family, reaching inboxes 185% more often than Emotet, despite Emotet's high dissemination volume. Threat actors experimented with various delivery mechanisms, including the use of OneNote files, which have now been targeted with Microsoft updates to prevent the spread of advanced malware families.
The FBI's 2022 IC3 report identified phishing email as the top crime for ransomware targeting organizations globally. The report emphasizes the importance of looking upstream at the chain of events that led to the ransomware and determining the payloads delivered within the email. Cofense Intelligence provides unique human-vetted expertise and analysis with actionable insights to help customers determine the flaws in their defenses and prevent phishing attacks.
The report warns that the phishing threat landscape is heavily swayed by malware families such as Emotet, which go inactive for periods of time but disseminate a large number of emails when active. The report predicts a similar occurrence this year, with an overall increase in phishing volume as we enter the summer months.
The report highlights the need for organizations to remain vigilant against phishing threats and to regularly assess their defenses. Cofense Intelligence's Q1 report also provides valuable insights into the changing tactics, techniques, and procedures (TTPs) of threat actors, allowing organizations to stay ahead of evolving threats.