Every year, threat actors look for new tactics to outwit victims and bypass defenses. And 2022 was no different. As businesses rolled out new security controls, cyber criminals found new, sophisticated ways to attack people.
In our ninth annual State of the Phish report, we dive deep into complex new techniques that are giving attackers a new advantage. We also track the growth of proven tactics that remain popular as ever.
Here are a few highlights:
- 44% of people think an email is safe when it contains familiar branding BUT more than 30 million malicious messages sent in 2022 involved Microsoft branding or products.
- 300k-400k telephone-oriented attack delivery attempts were made daily, with a peak of 600k per day in August 2022.
- Direct financial loss from successful phishing increased by 76% in 2022.
- 75 million threats - around 1 in 10 - were blocked because of user reporting.