The research found a 48% increase in email attacks over the previous six months, and 68.5% of those attacks included a credential phishing link. In addition to posing as internal employees and executives, cybercriminals impersonated well-known brands in 15% of phishing emails, relying on the brands’ familiarity and reputation to convince employees to provide their login credentials. Most common among the 265 brands impersonated in these attacks were social networks and Microsoft products.
LinkedIn took the top spot for brand impersonation, but Outlook, OneDrive and Microsoft 365 appeared in 20% of all attacks. What makes these attacks particularly dangerous is that phishing emails are often the first step to compromising employee email accounts. Acquiring Microsoft credentials enables cybercriminals to access the full suite of connected products, allowing them to view sensitive data and use the account to send business email compromise attacks.
For more visit https://www.helpnetsecurity.com/2022/08/15/landscape-email-threat/?web_view=true