Zscaler Research

Phishing threats have reached unprecedented levels of sophistication in the past year, driven by the proliferation of generative AI tools. Transforming how cybercriminals operate, AI advancements are revolutionizing and reshaping the phishing threat landscape. Moreover, this technology has democratized the ability to orchestrate intricate phishing campaigns, making it easier than ever for even beginners to conduct complex and believable phishing attacks. Specifically, this observed shift is enabling novice cybercriminals to launch highly convincing, personalized scams with ease. As a result, organizations now face a myriad of new challenges in protecting their data and systems from the increasing onslaught of phishing attacks. In response, the Zscaler ThreatLabz team has released the 2024 Phishing Report. This report analyzes over 2 billion phishing transactions from 2023, found within the Zscaler cloud, to equip organizations with a clear understanding of the rapidly evolving phishing landscape. Providing insights into the latest trends and tactics used by cybercriminals, the report highlights active phishing campaigns, exposes emerging schemes, and identifies top targets by region, industry, imitated brand, and more. Showcasing real-world examples, ThreatLabz phishing findings underscore the importance of applying constant vigilance and zero trust security strategies. The guidance offered aims to help organizations strengthen their defenses against these evolving phishing techniques.Download the Zscaler ThreatLabz 2024 Phishing Report to gain the knowledge needed to proactively combat the rising wave of new phishing threats. 6 key phishing findingsThe following findings represent a subset of key phishing trend discoveries that shed light on the evolution of phishing tactics. Top phishing trends Phishing attacks surged by 58.2% in 2023 compared to the previous year, reflecting the growing sophistication and reach of threat actors. Voice phishing (vishing) and deepfake phishing attacks are on the rise as attackers harness generative AI tools to amplify their social engineering tactics. Adversary-in-the-middle (AiTM) phishing attacks persist and browser-in-the-browser (BiTB) attacks are emerging as a growing threat. Top phishing targets The US, UK, India, Canada, and Germany were the top five countries targeted by phishing attacks. The finance and insurance industry faced 27.8% of overall phishing attacks, marking the highest concentration among industries and a 393% year-over-year increase. Microsoft remains the most frequently imitated brand, with 43.1% of phishing attempts targeting it. Discover further insights into each of these findings and more in the report. Spotlight on AI-enabled phishing threatsGenAI has undoubtedly proven transformative in turning up productivity across businesses. Yet on the flip side of this transformation is a perilous truth: AI is also turning novice to average threat actors into skilled social engineers and sophisticated phishing attackers.By automating and personalizing various components of the attack process, AI speeds up and refines phishing attacks, making them more sophisticated and difficult to detect. GenAI quickly analyzes public data, such as information about organizations and executives, saving time in reconnaissance for threat actors and enabling more precise targeted attacks. LLM chatbots craft accurate, believable phishing communications and emails by eliminating misspellings and grammar mistakes. GenAI can swiftly generate convincing phishing pages. The ThreatLabz report showcases how ChatGPT created a phishing login page in less than 10 prompts, and provides key indicators to look out for when identifying a phishing page. AI has blurred the line between authentic and fraudulent content, making it all the more challenging to discern phishing schemes from legitimate web pages and digital communication.As ThreatLabz researchers tracked phishing trends throughout 2023, several notable advanced AI tactics also emerged. Among these were the rise of vishing and deepfake phishing, increasingly favored social engineering tactics that use AI-powered impersonation tools. Vishing insightsAdvanced vishing campaigns are gaining popularity globally, leading to substantial financial losses in some cases. In a notable attempt that ThreatLabz thwarted during the summer of 2023, phishing attackers used AI technology to perpetrate a vishing attack by impersonating Zscaler CEO Jay Chaudhry. The report details the sequence of events, serving as a critical reminder for enterprises and employees to stay vigilant against vishing scammers. ThreatLabz anticipates a continued surge in targeted voice phishing campaigns led by groups like Scattered Spider in the next year. As these efforts aim to acquire employee login credentials, it is imperative for organizations to fortify their phishing defenses to prevent unauthorized access and exploitation. Deepfake insightsPhishing attacks involving deepfakes will be one of the most challenging AI-driven cyberthreats. Threat actors now possess the ability to create video content that precisely and accurately replicates faces, voices, and mannerisms. This manipulation has already manifested in concerning ways, such as in the electoral process, where deepfake videos fabricate false narratives or statements from political figures. These videos can sway public opinion, disseminate disinformation, and erode trust in the integrity of the electoral process. As society becomes more and more reliant on digital communication and media consumption, the potential political and life-altering ramifications of deepfake scams will likely extend far beyond the scope of current applications. From financial scams to corporate espionage, the use of deepfake technology poses a significant threat to organizations, individuals, and society at large.Additionally, ThreatLabz observed a rise in QR code scams, recruitment scams, browser-in-the-browser (BitB) attacks, and adversary-in-the-middle (AiTM) attacks. Learn more about each of these schemes in the report. Mitigate phishing risk with zero trustGiven the concerning threat landscape uncovered by this year’s report, how can organizations protect against the latest phishing threats? One definitive solution lies in establishing a foundation of a zero trust architecture. Adapting security strategies to combat new phishing trends and mitigate associated risks is crucial—and zero trust is a proven strategy.The Zscaler ThreatLabz 2024 Phishing Report provides essential guidance to this end, including: Fighting AI with AI: Learn about Zscaler’s AI-powered phishing prevention capabilities needed to combat AI-driven threats, including preventing browser exploitation from phishing pages with Zscaler Browser Isolation Zero trust architecture advantages: Learn how the Zscaler Zero Trust Exchange prevents traditional and AI-driven phishing at multiple stages of the attack chain: Prevent compromise: TLS/SSL inspection at scale, AI-powered browser isolation and policy-driven access controls prevent access to suspicious websites. Eliminate lateral movement: Users connect directly to applications, not the network, while AI-powered app segmentation limits the blast radius of a potential incident. Shut down compromised users and insider threats: Inline inspection prevents private application exploit attempts, and integrated deception capabilities detect the most sophisticated attackers. Stop data loss: Inspection of data in-motion and at-rest prevents potential theft by an active attacker. Foundational security best practices: Learn fundamental security best practices to enhance overall resilience to phishing attacks. Download your copy of the Zscaler ThreatLabz 2024 Phishing Report today. Phishing attacks will persist and remain a pervasive threat to organizations. By understanding the latest phishing trends, assessing the associated risks, and recognizing the implications of AI-driven attacks, your organization will be better equipped to defend against phishing in 2024 and beyond.