The year-over-year growth is primarily attributed to the use of generative AI for voice phishing (vishing) and deepfake phishing.
That’s what data from Zscaler shows. The company analyzed 2 billion blocked phishing transactions on its Zero Trust Exchange platform. Cybercriminals appear to use generative AI to manipulate trusted platforms and intensify attacks, resulting in social engineering tactics such as vishing and deepfake phishing. In vishing, a phone call can be used for phishing, while deepfake phishing uses fake content almost indistinguishable from original material.
In terms of the brands most often imitated, Microsoft is by far the most frequently imitated, at 43 per cent. On the other hand, Microsoft solution OneDrive (12 per cent) and SharePoint (3 per cent) are also in the top five. Okta and Adobe complement the top five. The reasons for the frequent use of these brands in phishing campaigns are the wide use and value associated with obtaining login credentials for these platforms.
On the rise
The overall 60 per cent increase is mainly due to the high number of phishing attempts faced by the financial services industry. In fact, this sector saw a 393 per cent increase from a year earlier. For hackers, the reliance on digital financial platforms provides extensive opportunities to conduct phishing campaigns and exploit vulnerabilities.
Looking at the performance of different regions, Zscaler’s data shows that the U.S. accounts for 55.9 per cent of all phishing attacks, by far more than top countries such as the U.K. (5.6 per cent), India (3.9 per cent), Canada (2.9 per cent) and Germany (2.8 per cent).
According to Zscaler, it is likely that the U.S. accounts for such a large share because of its advanced digital infrastructure, large number of Internet-connected users and high number of online financial transactions.