Q3 2023 saw a significant increase in both phishing and malware attacks. Phishing volumes increased by 173% compared to the previous quarter, with a total of 493.2 million phishing emails. Malware attacks also rose by 110%, reaching 125.7 million emails in the quarter.
August was the most active month for phishers, with over 207.3 million phishing emails, followed by September and July.
Facebook and Microsoft remained the top impersonated brands by hackers. In Q3 2023, Facebook was the most impersonated brand, with a significant increase in phishing URLs compared to the previous quarters.
Microsoft remained the most impersonated corporate brand, with hackers targeting Microsoft 365 users in various attacks. These attacks aimed to compromise victims by bypassing Microsoft 365’s native security features.
The report details two Microsoft 365 attacks – one using a Baidu link redirect and another using QR codes. These attacks used various techniques to bypass email filters and compromise victims.
Email continued to be the top vector for phishing and malware attacks. The report emphasized the need for integrated email security solutions and automated phishing awareness training to protect organizations.
Phishing attacks surged across all industries. The government sector saw the largest increase at 292%, followed by cloud, social media, and finance. Bank of America was the most impersonated company, with an 873% increase in phishing URLs during Q3.