Massive 84% Increase in Phishing Emails Delivering Infostealers: A Growing Digital Threat
Phishing Emails Delivering Infostealers Surge 84%
In 2024, cybercriminals orchestrated an alarming 84% increase in the delivery of infostealers through phishing emails, according to a comprehensive analysis from IBM.
This escalating trend signifies a shift in attackers’ strategies, prioritizing stealth and credential theft than high-profile ransomware attacks on enterprises.
Phishing Blamed for The Surge
Phishing, a traditional method used in cybercrime, contributed profoundly to this upsurge.
With a drastic rise of 84% observed in the number of email-delivered infostealers, it has become a prime concern for cybersecurity professionals.
These emails, often disguised as legitimate requests or notifications, lure unsuspecting recipients into providing sensitive information, such as passwords or credit card details.
Under Attack: Critical Infrastructure
Attackers targeted critical infrastructure in about 70% of the incidents.
Compromised valid accounts were the initiating vector for about 31% of these attacks, followed by phishing.
These attacks are particularly concerning due to the potential disruption and damage inflicted on essential services, industries and government entities.
Low Profile, High Impact
The increasing incidence of credential theft puts personal information at risk on a widespread scale.
Infostealers can compromise and amass personal, financial or other sensitive data—frequently unbeknownst to the victim.
This stolen information can then be monetized through various channels in the darknet.
Practical Advices to Combat Threat
Recognizing the shift in attackers’ strategies is the initial step towards combating such threats.
Cybersecurity professionals need to appropriately educate users about the risks of phishing, secure network boundaries, implement threat detection technologies, and regularly monitor and analyze network traffic.
Conclusion
Security leaders and practitioners are encouraged to adjust their strategies, considering the evolving threat landscape.
Awareness, vigilance, proactive defense measures, and continuous monitoring are essential in securing digital assets against email-delivered infostealers.
Original article available at Help Net Security.
