New report reveals a rise in phishing attacks, as commodity campaigns, advanced persistent threats, and impersonation attacks escalate

28% increase in phishing emails sent between April 1st – June 30th vs January 1st – March 31st, 2024

82% of phishing toolkits mentioned deepfakes and 74.8% referenced AI

During a commodity attack, on average organisations experience a 2,700% increase in phishing attacks compared to the normal baseline

72.3% of commodity attacks used a hyperlink as its payload, followed by QR codes at 14.0%

52.5% of advanced persistent threat (APT) campaigns were classified as zero-day attacks, while only 35.4% contained a previously identified payload

89% of phishing emails involve impersonation; Adobe was the most impersonated brand, followed by Microsoft

14.9% of impersonation emails were classed as ‘payloadless’, relying solely on social engineering tactics

44% of phishing emails were sent from compromised accounts, helping them bypass authentication protocols