Credential phishing involved in most email attacks

Organizations experienced 48% more email attacks during the first half of 2022 than the second half of 2021, with credential phishing attempts accounting for 68% of the attacks, reports TechRepublic. Seventy percent of all brands spoofed in credential phishing emails included social networking sites, Microsoft offerings, e-commerce and shipping providers, and Microsoft offerings, with LinkedIn being the most impersonated brand in attacks, an Abnormal Security report revealed. Numerous industries have also been targeted by credential phishing attacks, with threat actors tailoring the spoofed brand depending on the sector. More than 50% of attacks against government agencies, educational entities, entertainment firms, and religious organizations involved emails spoofing social media networks, but emails impersonating Microsoft were more popular in attacks against agricultural firms and professional sports teams, according to the report. Such attacks should prompt organizations to bolster security awareness training for their employees, noted Abnormal Security. "Being proactive about protection and taking advantage of innovative technologies are key to reducing your organizations risk," Abnormal Security said.