Freely subscribe to our NEWSLETTER

The Cofense Phishing Detection and Response Platform, powered by over 35 million Cofense-trained employees, detected a record-setting number of malicious emails and phishing campaigns in 2023. In just two years, Cofense PDR identified over 1.5 million malicious emails bypassing their customers’ Secure Email Gateways (SEGs), signaling a 37% increase in threats compared to 2022, and a staggering 310% increase over 2021. To put this in context, the report highlights that Cofense detected at least one malicious email bypassing their customers’ SEGs every 57 seconds.

“As we unveil the statistics from the 2024 Annual State of Email Security Report, it’s evident that the email-based attack vector is evolving at an unprecedented pace going into 2024,” said David Van Allen, CEO of Cofense.

The Cofense Annual Report points out that secure email gateways struggle to keep pace with sophisticated phishing campaigns and relying on ’good enough’ email security is no longer an option for most enterprises.

“The data we present in this report speaks directly about the escalating sophistication of cyber threats, which demand a different approach to effective email security. Cofense remains committed to providing enterprise solutions to keep up with evolving threats," said Van Allen.

The Email Security Landscape

The report highlights that email remains the primary attack vector for cybercrime, with 90% of data breaches originating from phishing attacks aimed at employees. Secure email gateways are struggling to keep pace with the rapidly evolving nature of phishing campaigns, evidenced by a concerning 104.5% increase in the number of malicious emails bypassing SEGs in 2024. Credential phishing, the preferred method of threat actors, also saw a staggering 67% increase in volume compared to the previous year. Other top trends in 2023 included:

• Phishing campaigns evolved - In 2023 Cofense saw an increase in tactics like vishing, smishing, brand impersonation, and QR code phishing that bypass SEGs. Cofense reported a 331% increase in QR code active threat reports (ATRs) last year.
• Healthcare and finance remained the top targeted industries - Increases in malicious emails bypassing SEGs in those industries at 84.5% and 118%, respectively.
• New malware families, including DarkGate and PikaBot, emerged to fill the gap left by the FBI’s dismantling of the Qakbot infrastructure.

Emerging Threats to Watch:

• Brand Impersonation and Vishing: Brand impersonation and vishing campaigns are on the rise, with threat actors exploiting these tactics to deceive employees. These attacks are efficient at bypassing SEGs, as they often lack attachments or obvious links.
• Resurgence of Emotet/Geodo: Despite law enforcement actions in 2021, Emotet/Geodo resurfaced in 2023, highlighting the persistence and adaptability of this destructive malware.
• Agent Tesla Keylogger: A persistent threat throughout 2021 and 2022, Snake Keylogger remained a significant risk in 2023. As we go into 2024, its ability to evade detection by antivirus software makes it a concerning threat to organizations.
• FormBook’s Menace: A consistent threat, FormBook is an information-stealer malware focused on accessing sensitive information from infected systems. Businesses are urged to proactively safeguard against this pervasive threat.
• Google AMP Phishing Tactic: A new phishing tactic leveraging Google Accelerated Mobile Pages (AMP) has been identified, proving highly successful. Cofense reports a 1,092% increase in Google AMP emails bypassing secure email gateways in the last six months of 2023.
• Business Email Compromise (BEC): BEC remains one of the most devastating cybercrimes, with scammers exploiting conversational-based phishing attacks. Traditional defenses often fail to catch these attacks, resulting in billions of dollars being stolen annually.