Proofpoint, Inc., a leading cybersecurity and compliance company, recently released its ninth annual State of the Phish report, revealing attackers are using both emerging and tried-and-tested tactics to compromise organizations. According to the report, eight in 10 organizations (84%) experienced at least one successful email-based phishing attack in 2022, with direct financial losses increasing by an astonishing 76% compared to 2021. And while brand impersonation, business email compromise (BEC), and ransomware remained popular tactics among threat actors, cybercriminals also scaled up their use of less familiar attack methods to infiltrate global organizations.
The 2023 State of the Phish report provides an in-depth overview of the real-world threats, as sourced by Proofpoint’s telemetry encompassing more than 18 million end-user-reported emails and 135 million simulated phishing attacks sent over a one-year period.