A new report released by phishing detection and response solutions company Cofense Inc. today finds a significant increase in malicious emails bypassing secure email gateways in 2023, serving as a wakeup call to the increasing abilities of malicious actors.

The Cofense 2024 Annual State of Email Security Report, based on 35 million employee accounts tracked by Cofense, identified more than 1.5 million malicious emails bypassing customer secure email gateways, or SEGs, last year, up 37% from 2022 and 310% from 2021. In context, the report notes that Cofense detected at least one malicious email bypassing their customer’s SEGs every 57 seconds.

SEGs are a security solution that filters incoming and outgoing emails to protect organizations from email-based threats, including spam, phishing, malware and other malicious activities. They’re supposed to stop malicious emails from getting through but are progressively getting worse. The report notes that SEGs are struggling to keep pace with sophisticated phishing campaigns.

The report deep dives into various aspects of email security, noting that email remains the primary attack vector for cybercrime, with 90% of data breaches originating from phishing attacks aimed at employees. Credential phishing, the preferred method of threat actors in 2023, saw a 67% increase in volume in 2023 compared to the previous year.

Other top trends noted through 2023 in the report include an increase in tactics such as vishing (voice phishing), smishing (SMS phishing), brand impersonation and QR code phishing that bypasses SEGs. Cofense saw a 331% increase in QR code active threat reports last year.

Healthcare and finance remained the top-targeted industries, with increases in malicious emails bypassing SEGs in those industries up 84.5% and 118%, respectively.

The report also provides advice about emerging threats to watch. Brand impersonation and vishing campaigns on the rise as threat actors exploit the tactics to deceive employees. These attacks efficiently bypass SEGs, as they often lack attachments or obvious links.

Business Email Compromise is also expected to remain one of the most devastating cybercrimes, with scammers exploiting conversation-based phishing attacks. Traditional defenses often fail to catch these attacks, resulting in billions of dollars being stolen annually.

“As we unveil the statistics from the 2024 Annual State of Email Security Report, it’s evident that the email-based attack vector is evolving at an unprecedented pace going into 2024,” said Chief Executive David Van Allen. “The data we present in this report speaks directly about the escalating sophistication of cyber threats, which demand a different approach to effective email security.”

One final takeaway isn’t in the report directly but in supporting documents from Cofense: Not even two months into 2024, the number of emails bypassing SEGs this year has more than doubled. It’s a problem that will only worsen without appropriate action at the corporate level.

Image: Cofense