London, UK – 3rd October 2024 - Leading cybersecurity company, Egress, a KnowBe4 company, today has launched its latest Phishing Threat Trends Report (October 2024), which examines the most recent phishing statistics and threat intelligence insights. The report explores how cybercriminals commercialise their activities through phishing toolkits, the tactics employed during large-scale commodity attacks, the multi-step process of advanced persistent threat campaigns, and the methods of impersonat

  • 28% increase in phishing emails sent between April 1st – June 30th vs January 1st – March 31st, 2024

  • 82% of phishing toolkits mentioned deepfakes and 74.8% referenced AI

  • During a commodity attack, on average organisations experience a 2,700% increase in phishing attacks compared to the normal baseline

  • 72.3% of commodity attacks used a hyperlink as its payload, followed by QR codes at 14.0%

  • 52.5% of advanced persistent threat (APT) campaigns were classified as zero-day attacks, while only 35.4% contained a previously identified payload

  • 89% of phishing emails involve impersonation; Adobe was the most impersonated brand, followed by Microsoft

  • 14.9% of impersonation emails were classed as ‘payloadless’, relying solely on social engineering tactics

  • 44% of phishing emails were sent from compromised accounts, helping them bypass authentication protocols