Phish of the Week: How Did Phish Fare in 2020?

A Year and Millions of Phish Later

It’s been a challenging year. We’ve all had to shift the way we live, do business and protect our organizations from cyber attacks. Recent events like the SolarWinds and FireEye breaches remind us all that we are in an asymmetric fight that never ends.

As the year winds down, we consider ourselves fortunate to have played a meaningful role in helping to protect organizations large and small from motivated threat actors. The list runs long, but here are some of the most notable attack trends we saw in 2020:

    • COVID-19-themed attacks, not surprisingly, are at the top of the list. Taking advantage of fears surrounding the pandemic, hackers barely had to be creative to lure victims. To date, we’ve seen and intercepted 5.4 million pandemic-based phishing attacks.
    • The shift to cloud email leaves businesses deciding between depending on cloud-suite native security capabilities or layering their email with legacy solutions. Unfortunately, neither option fared well in 2020. Our service blocked 7.2 million phishing attacks that targeted organizations using Microsoft Office 365 as their cloud email provider.
    • And finally, a 2020 theme worth noting is email authentication. Companies often consider DMARC, SPF and DKIM as a means to secure email against phishing threats. While an important tool, email authentication does not hold up against sophisticated phish – as evidenced by our service stopping 23 million phish that bypassed DMARC, SPF and DKIM.

Trouble Trusting Your Suppliers’ Security? We Don’t Blame You

Another trend that increasingly threatened organizations in 2020: supply chain-based attacks. Digital supply chains represent a significant security risk to any organization – a risk made frighteningly clear by the recent FireEye and SolarWinds breach.

Attackers often successfully compromise a supplier, partner or vendor to initiate their attack against other organizations. And as our Chief Security Office Blake Darche says, “Attackers are increasingly breaching victims through side windows, instead of breaking down front doors.”

We see this trend only increasing. In our own service we’ve stopped upwards of a quarter billion dollars in supply chain-related fraudulent invoicing this year.

If you don’t yet have a strategy for stopping the 7 types of supply chain phishing attacks, download this complimentary white paper now. (7 min)

Old Phish, New Tricks

Why are hackers sticking to the COVID-19 theme? Well, because it works. In a campaign “sequel” to an infamous Microsoft Sharepoint spoof, this new version lures its upper-level management targets with urgent info about COVID-19 restrictions. Area 1’s security research team uncovered this new wave of phish and detailed it all in this new blog (3 min).

What Your SOC Team Wants in 2021

Is your security team burdened with incident response from an increase in phishing attacks and security aware employees? Read this new data sheet (2 min) to learn how postdelivery inbox protection and M-SOAR (email security orchestration and response) can reduce your SOC’s incident triage time by 90 percent.

Want to keep up to date with the latest phishing trends? 

Subscribe to our newsletter here!

 

Shalabh

Shalabh Mohan

VP, Product at Area 1

With a career spanning 20 years fighting bad guys online, Shalabh leads all product and go-to-market functions at Area 1 Security, with extensive prior experience across security, enterprise, and cloud infrastructure companies such as Aspen Networks, IronPort Systems, Cisco and Bracket Computing. Shalabh and his teams have taken products from conception all the way to large scale businesses; and in the process have consistently helped make the Internet a safer place. An alumnus of Stanford University and the University of Texas at Austin, Shalabh holds five patents and can claim to know something about enterprise infrastructure and security.

How to replace your email gateway with Cloudflare Area 1

Leaders and practitioners responsible for email security are faced with a few truths every day. It’s likely true that their email is cloud-delivered and comes with some built-in protection that does an OK job of stopping spam and commodity malware.

Introducing email link isolation – Email gateway replacement playbook

This week was a big one for us at Cloudflare, one of our four innovation weeks which we hold annually, showcasing new developments, product news and reference architectures.

Superhero strategies for the Phish Fight

Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.