Phishing Report Findings Call for a Fundamental Shift in Organizational Approaches to Defense

SlashNext has released its 2024 Phishing Intelligence Report, a comprehensive study identifying and analyzing the vectors most exploited by cybercriminals in the past year. The findings and how the data is trending form recommendations for organizations on the best areas to strengthen their security defenses against attacks in 2025. Their message to organizations for 2025 is clear: Phishing isn’t an email-only problem anymore; instead, it is a multi-faceted message security problem that necessitates a change in how organizations tackle threat detection and prevention.

Key Findings from the 2024 Report

Without wishing to sound hyperbolic, the findings revealed huge increases across multiple areas. These include:

Drastic increase in Credential Phishing

Credential phishing is an online scam where cybercriminals seek to obtain usernames and passwords to access victims’ bank accounts and personal information, leading to potential identity theft. Two standard methods used to extract information are Phishing attempts and Fake Login Pages.

Credential theft attacks surged by 703% in the latter half of 2024, reflecting the increased use of sophisticated phishing kits and social engineering tactics.

Rise in Email-Based Attacks

Email phishing can be understood as ‘the quintessential model of phishing attacks.’ The attack method involves sending out fraudulent emails containing malicious links in vast numbers.

Overall, email-based threats rose by 202% in the latter half of the year, with users receiving at least one advanced phishing link weekly that could bypass standard security measures.

Zero-Day Threats on the Rise

A zero-day threat is a cyberattack that exploits a previously unknown vulnerability present in a computer or mobile device’s software or hardware. The “zero-day” aspect references how the targeted organization has essentially a period of “zero days” to resolve the issue once the flaw has been identified.

Among all embedded malicious links observed, 80% were previously unknown zero-day threats. This highlights the limitations of relying solely on static threat intelligence and signature-based detection methods.

Alarmingly Frequent User Exposure

Phishing is one of the most common forms of social engineering that users are exposed to and another area that attackers deployed substantially more of in 2024. Social engineering is a manipulative tactic cybercriminals use to deceive individuals into divulging confidential information or performing actions that compromise security.

The report found that in 2024, users faced 3 to 6 threats weekly, representing up to 600 mobile threats annually. Social engineering attacks rose by 141%, underscoring the need for adaptive security measures.

Expert Analysis

Cybersecurity experts have been reacting to the report. Nicole Carignan, Vice President of Strategic Cyber AI at Dark Trace, identified how organizations still face phishing attacks despite improved email security. She spoke about how many tools rely on outdated data, making them ineffective against new threats, and how employees alone can’t defend against evolving tactics; machine learning is needed to identify suspicious behaviours. Speaking on the expanded threat landscape (noting how threats now extend to platforms like Microsoft Teams and Dropbox), she called for the adaption of proactive security strategies and better governance to combat cross-domain attacks.

James Scobey, Chief Information Security Officer at Keeper Security, believes that ‘As attackers grow more sophisticated, the need for stronger, more dynamic identity verification methods – such as MFA and biometrics – will be critical to defend against these increasingly nuanced threats.’

Conclusion

The report’s takeaway message is that Phishing is now a broader messaging security problem and should act as a wake-up call to organizations of all sizes. By recognizing phishing as a multi-faceted and pervasive threat, businesses can better position themselves to protect critical assets and maintain trust in an increasingly hostile digital environment.