A new study from Darktrace sheds light on worrying shifts in phishing strategies. It shows that 62% of phishing emails now get past domain-based message authentication, reporting, and conformance (DMARC) checks.
The research looked at 17.8 million phishing emails and points to a troubling rise in the complexity of cyber-attacks. The findings reveal that over a third of these fail to check but also slip by major email providers unnoticed. What’s more, 56% of the phishing emails got through all current security systems, highlighting a big problem for cybersecurity defenses.
Darktrace’s research shows how cyber threats keep changing. Bad guys now use smart tricks to get around normal security systems. One big trend is using real third-party websites and services, which helps these scams look like regular web traffic. From January to June 2024, the report found these were the most common threats in phishing tries: Malwarethat steals info: 29%, Trojans: 15%, Remote access trojans (RATs): 12% Botnets: 6%, Loaders: 6%.
The report points out a worrying pattern in how cybercriminals use advanced tricks to hide their tracks. This includesmixing phishing emails with encrypted content and using clever social tricks to fool people who get these emails. When you put all these tricks together, it makes it harder to spot these emails and ups the chances they’ll slip past normal security checks.
As the bad guys get better at what they do, security experts face the challenge of having to adjust and beef up their defenses against these changing threats. These discoveries show a move toward more complex phishing plans, pointing out the pressing need to boost security steps and stay alert in fighting these emerging threats.
