Emerging threats created by generative AI evade traditional defenses, BEC attacks
with differentiated file types and sender names are on the rise.
IRONSCALES, the leading enterprise cloud email security platform protecting more than 10,000 global enterprises, today released its IRONSCALES Threat Index: Q3 2023 Edition.
Based on proprietary data analysis of millions of customer emails, the IRONSCALES Threat Index: Q3 2023 Edition, highlights the evolving landscape of phishing and business email compromise (BEC) trends. From the dominance of BEC scam threats to the rise of generative AI attacks, these findings shed light on the pressing cybersecurity challenges faced by organizations today. The IRONSCALES Threat Index encompasses email data across all of IRONSCALES Microsoft 365 and Google Workspace protected customers from Q2/Q3 2023.
Key findings are summarized below:
BEC, Advanced Email Attacks of all Kinds Continue to Climb
Despite increased awareness among both end-users and security professionals, the scourge of business email compromise (BEC) continued largely unabated over the past year. From Q2 2022 to Q2 2023, BEC attempts increased by 23% in the United States and by 21% globally. Meanwhile, advanced email attacks overall increased by 24% over the first two quarters of 2023 alone.
Threat Actors Adopt Novel Strategies to Outmaneuver Traditional Defenses
The threat of advanced email attacks continues to rise at a dizzying pace, and organizations are struggling to keep up. Worse yet, threat actors are now adopting newer, more advanced strategies designed to outmaneuver traditional defenses and scale attacks more effectively. From Q1 to Q2 2023, BEC attacks using “Senders with Multiple Display Names” rose by 73%. Senders with Multiple Display Names is a way for attackers to target entire organizations without alerting traditional security tools. Despite being sent from the same address, malicious emails display different names in the “From” field for different recipients, creating the illusion that they’re from different senders.
Rapid Cycling of Malicious File Types Extends the Same Old Game of Cat & Mouse
For decades, malicious attachments and hyperlinks have served as the tip of the spear for email-based cyberattacks. And for just as many years, threat actors and security vendors have been locked in a perpetual game of cat and mouse. This summer, we saw a 37x increase in xlam and xlms file types used as malicious payloads. But, just earlier this year, .oft and .odt file types saw the most dramatic growth in malicious use. Every year, we see novel classes of malicious payloads emerge, surge, then sink into disuse; only for the cycle to start all over again.
Dramatic Decline in Malicious Payload Use Signals a Changing Threat Landscape
But while the game of cat and mouse continues, fewer and fewer threat actors are choosing to participate. Over the past two quarters, the overall volume of attacks containing malicious payloads (i.e. dangerous links or attachments) has begun to decrease precipitously, more than doubling its rate of decline from one quarter to the next. From Q1 to Q2 2023, malicious payload attacks decreased by 47%. Instead, they’re using cutting-edge tools to better execute a more timeless approach.
- Generative AI Ushers in a Golden Age of Social Engineering
Standard email security tools have gotten better at identifying malicious payloads. Including a malware attachment or a link to a phishing webpage in an email is a surefire way to get swept up by today’s standard defenses. At the same time, generative AI has given hackers the ultimate tool for social engineering at scale. With programs like FraudGPT, they can now create infinitely more polished, sophisticated, and convincing social engineering attacks — in a fraction of the time.
“If there's only one thing you take away from our latest Threat lndex, it's that change is the only constant in today's threat landscape," said Eyal Benishti, co-founder and CEO at IRONSCALES. "Newer, more sophisticated threats continue to emerge at an ever-increasing pace, and traditional email defenses are struggling to keep up. As BEC and advanced, generative-AI enabled social engineering attacks continue to skyrocket, organizations must turn to new techniques and technologies of their own. And in this current climate, only the most cutting-edge, AI-driven technologies, combined with the power of human insights (HI), can reliably detect and defend against these emerging threats.”
IRONSCALES is at the forefront of defending against sophisticated phishing and BEC attacks. As the only solution that leverages the power of AI and human insight, IRONSCALES equips enterprises worldwide with comprehensive tools to bolster their security posture against the constantly evolving threat landscape - reliably protecting your organization from both the known and unknown threats.
Click to download an infographic of the IRONSCALES Threat Index: Q3 2023 Edition.
IRONSCALES is the leading cloud email security platform for the enterprise that uses machine learning and AI to stop advanced phishing attacks that bypass traditional security solutions. Its award-winning self-learning platform continuously detects and remediates advanced threats like Business Email Compromise (BEC), credential harvesting, Account Takeover (ATO), and more. As the most powerfully simple email security platform, IRONSCALES helps enterprises reduce risk, boost security team efficiency, and build a culture of cybersecurity awareness. IRONSCALES is headquartered in Atlanta, Georgia, and is proud to support more than 10,000 customers globally. Visit http://www.ironscales.com or @IRONSCALES to learn more.