PhishLabs Releases 2019 Phishing Trends and Intelligence Report, Highlighting The Growing Social Engineering Threat

Posted on April 16, 2019

Overall phishing attack volume grew 40.9% in 2018

Charleston, S.C., April 16, 2019 – PhishLabs, the leading provider of cybersecurity solutions that protect against social engineering, today released its 2019 Phishing Trends and Intelligence Report. Using data collected from millions of social engineering attacks spanning email, web, social media, SMS, and mobile channels, the report highlights the latest trends and techniques that threat actors use to exploit the employees, customers, and brands of today’s enterprises.

The findings presented in the report are designed to help security leaders and practitioners gain a better understanding of the current phishing threat landscape. Using this information, they can take proactive steps to reduce the risk of breaches, online fraud, and brand abuse.

Access Report Now

“The wide range of digital channels we use in our everyday lives makes phishing the most versatile and low-cost weapon in the cybercrime arsenal,” said PhishLabs Founder and CTO, John LaCour. “It comes as no surprise that phishing is involved in most credential theft, malware, and online fraud attacks.”

Among the key findings in this year’s report, PhishLabs identified that phishing volume increased 41% in the last year. The company also noted that 98% of attacks that made it past enterprise email security controls and into user inboxes did not contain malware, which suggests that these controls fail to effectively detect and block credential theft and email scam phishing attacks such as Business Email Compromise (BEC attacks).

Key findings of the PhishLabs 2019 Phishing Trends and Intelligence Report include:

  • Phishing attack volume grew 40.9% in 2018
  • 83.9% of attacks targeted credentials for financial, email, cloud, payment, and SaaS services
  • The use of free website infrastructure to stage and launch attacks grew substantially
  • 98% of attacks that made it past enterprise email security controls and into user inboxes contained no malware
  • The most effective lures in simulated phishing exercises were Financial/HR and Ecommerce

Leading up to the release of the report, PhishLabs hosted a webinar to discuss the identified key findings. Led by Founder and CTO John LaCour, the company provided additional insight into the largest shifts into the evolving phishing threat. 

Media inquiries:

Stacy Shelley

+1 843.329.7824

[email protected]

Recent News

A PhishLabs report by security writer Brian Krebs was featured in a CNET article warning web users about HTTPS security fraud on the Internet.

Founder and CTO of PhishLabs John LaCour spoke with FBI Special Agent Davey Ware at the RSA Conference in San Francisco to talk about how vishing attacks work to defraud victims of their money and

Half of all phishing sites now have padlocks, but are anything but secure

Originally published in BLEEPINGCOMPUTER

Excerpt:

Charleston-based cybersecurity company is named a top employer in South Carolina.