The Evolution of Phishing and AI Impacted Email Security as BEC attacks surged by 43.3%, resulting in $2.7 billion in 2022 losses, prompting 9 out of 10 organizations to adopt AI-driven defenses against sophisticated cyber threats.

The Evolution of Phishing and AI Impacted Email Security as BEC attacks surged by 43.3%, resulting in $2.7 billion in 2022 losses, prompting 9 out of 10 organizations to adopt AI-driven defenses against sophisticated cyber threats.

The Evolution of Phishing and AI Impacted Email Security as BEC attacks surged by 43.3%, resulting in $2.7 billion in 2022 losses, prompting 9 out of 10 organizations to adopt AI-driven defenses against sophisticated cyber threats.

image

Email security is often a cat-and-mouse game where cybercriminals utilize new phishing technologies and techniques to expose vulnerabilities and avoid detection—and 2023 was no different. Recent studies from Osterman Research shed light on the rapidly evolving threat landscape, particularly with the increase in BEC (Business Email Compromise) attacks and the use of AI in email security.

This post will highlight some of the report findings and show how drastically the phishing landscape has evolved in 2023 and how IRONSCALES stayed one step ahead of the attackers. 

How Phishing Has Evolved in 2023

The Rising Cost of Phishing 

Phishing is more than just a data risk; it's a significant drain on resources. According to the Osterman Research report, The Business Cost of Phishing, dealing with a single phishing email can take up to an average of 27.5 minutes, translating to an average cost of $31.32 per email. The same report revealed that IT and security teams spend one-third of their weekly work hours dealing with phishing threats. 

Unfortunately, the report also noted that two-thirds of organizations expect the phishing problem to worsen in the next year. 

IRONSCALES stands as a crucial ally in anti-phishing by combining AI and human insights to deliver better protection against advanced phishing threats with adaptive AI, improve operational efficiency with intelligent automation, and empower the organization with built-in security awareness training and phishing simulation testing technology.  

BEC Attacks Become A Growing Digital Menace 

One attack type that gained momentum in 2023 were Business Email Compromise attacks (BEC). These attacks, which research shows specifically targeted the financial and executive sectors of organizations, were anticipated to increase by 43.3% in the next 12 months, according to the Osterman Research report, Defending the Enterprise: The Latest Trends and Tactics in BEC Attacks. Our own IRONSCALES research revealed that from Q1 to Q2 2023, BEC attacks using “Senders with Multiple Display Names” rose by an alarming 73%.

What makes these types of attacks so popular is their profitability. Over the past few years, BEC schemes have drained billions from businesses, reaching a nerve-wracking $2.7 billion in losses in 2022 alone.

These attacks are not just limited to emails anymore; they're spreading their tentacles across various communication channels, including spear phishing emails, SMS, and social media, making them more elusive and dangerous. 

To help counteract the success rate of these sophisticated BEC attacks, like spear phishing, IRONSCALES developed GPT-powered Phishing Simulation Testing to boost employee awareness of socially engineered attacks without the operational overhead. This technology utilizes our own PhishLLM to allow users to instantly generate highly personalized spear-phishing simulation campaigns to keep employees vigilant. 

The AI Revolution in Email Security 

If 2023 could be summed up in two letters, it would be AI. ChatGPT launched at the end of 2022 but took off like a rocket in 2023. Over the next 12 months, every industry was impacted by this technology—including email security (for better and for worse). While many email security leaders, like IRONSCALES, already had AI phishing detection models, more and more cybercriminals were leveraging AI tools to craft and launch sophisticated phishing attacks, igniting the need for AI anti-phishing solutions. The Role of AI in Email Security, a study conducted in collaboration with Osterman Research, notes that nine out of ten organizations are stepping up their game by implementing AI-enabled email security solutions.

Neil Stein, the Senior Vice President of Technology Services at OrthoCarolina, notes, “With ChatGPT, the phishing emails we receive look remarkably convincing. IRONSCALES captures those threats effectively. If we didn’t have this tool on our side, it would be like shoveling against the tide, a fruitless effort. We couldn't do it. I have too many other responsibilities to keep up with all the phish that come through. IRONSCALES is indispensable.”


We provides a SelfLearning NexGen User-Friendly platform combining AI and HumanInsights (HI) along with providing a number of advanced detection techniques for such Impersonation attempts, Polymorphic Attacks, Phishing, Fake Login, SocialEngineering, AccountTakeover, and URLs Links detection using ComputerVision Technology, 50+ engines scanning for advance MalwareDetection BEC Anomaly Detection using Natural Language Processing and offers a multi-layered approach, all combined with our Award Winning MLearning and AI-powered IncidentResponse and Virtual SOC remediating these attacks at the Mailbox level. SRC Cyber Solutions LLP in India provides the most comprehensive Mailbox Level Protection. If you want to know more kindly Click here

© 2024 SRC Cyber Solutions LLP. All Rights Reserved.