Email is an essential part of everyday life. It is often the primary form of communication between employees, meaning company information is constantly shared within it. Because of this, threat actors often look to email when designating attack methods. According to a recent report by Cofense, 90% of data breaches begin with phishing.

The report found that healthcare and finance are the top targeted industries, likely due to the sensitive information those organizations hold. Healthcare data, bank account information and personally identifiable information (PII) are all desirable targets for threat actors looking for large ransomware payouts.

Even with increased security measures, organizations still found their emails subject to cyberattacks. The report found a 104.5% increase in malicious emails bypassing secure email gateways (SEGs) and users received a malicious email every minute. The report found a 67% increase in credential phishing. Credential phishing was the cause of 91% of published active threat reports.

There was a 331% increase in QR code active threat reports in 2023, according to the report. Security leaders should warn employees not to scan any QR codes of unknown sources, especially on company devices. This could include codes at events, parking meters or anything with an unclear destination.

When considering email security, security leaders should encourage employees to utilize two-factor authentication and change their passwords regularly. Leaders should also discourage employees from sending sensitive information over email, especially to someone outside of the organization.

Find out more here.

According to an Expel report, identity threats accounted for 64% of all investigated incidents and increased in volume by 144% from 2022. Of those incidents, 60% were unauthorized email logins and 40% were authentications to identity platforms, like Microsoft Entra ID, Okta, Ping and Duo.

The report found that 35% of organizations experienced more than one incident (up from 24% in 2022). Organizations saw an average of eight identity-based incidents over the year, according to the report.

The report found a 72% increase in cloud infrastructure incidents, roughly consistent with 2022. Exposed credentials (or secrets) were the leading root cause of cloud infrastructure incidents (42%), according to the report. Publicly exposed or stolen credentials allow attackers to maintain persistent access to the cloud environment with the permissions tied to that identity or role.

Hospitality, technology and financial services also made the list of top industries where we identified the most high-risk malware and identity incidents.

The report found that while malware as a percentage of overall incidents decreased by 25% in 2023, the potential impact of both high-risk and latent-risk malware should not be discounted. Phishing incidents tripled from 2% in 2022 to 6% in 2023, according to the report. The percentage of authorized penetration tests and red teams investigated decreased 43%.

Find out more here.