Phishing attacks have increased 62 per cent over the last year, according to the Securonix 2023 Threat Report.
The number of vacation-related phishing attacks grew by 25 per cent compared to the previous 12-month period. Cybercriminals are sending e-mails posing as vacation requests from colleagues or supervisors, luring unsuspecting individuals into their traps.
The average number of TTPs (tactics, techniques and procedures) and IoCs (indicators of compromise) identified per month increased by 14 per cent compared to the previous period.
Harshil Doshi, Country Manager (India and SAARC) at Securonix said, “For 2023 some distinct highlights around the surge in vacation-request phishing campaigns which revealed how scammers deploy social engineering tactics is unnerving. The Lockbit 3.0 ransomware, in particular, caused havoc in India compromising 600 GB of sensitive data.”
Taking new forms
The threat research team also uncovered a new attack campaign called the STARK#MULE, in which attackers use US military-related documents to lure victims and run malware staged from legitimate compromised Korean e-commerce websites. Organisations and individuals must exercise caution when handling e-mail attachments, maintain up-to-date software and implement security training and awareness programs, he added.
Over the last year, 541 threats have been identified across a wide range of industries, sizes, and geographies. The top three most prolific threats identified were vacation-related phishing emails, SSH honeypot activity and RAT tools emerged as significant threats over the past year.
Organisations are witnessing an up-tick in vacation request phishing e-mails (25 per cent increase over the past year), which when successful can result in significant financial losses, data breaches and reputational damage.
SSH honeypots — decoy servers set up to attract and monitor malicious activity targeting — were seen across more environments than any other threat in the past year. There was an increased distribution of remote access trojan (RAT) tools on public sites which poses significant cybersecurity concerns.