BEC and Phishing Attacks Soar by 20% and 41% in H1 2023

Additionally, the biannual analysis identifies a 75% surge in attacks targeting cloud collaboration channels, among other significant cyberattack trends

(Tel Aviv, Israel – May 27, 2023) Perception Point, a leading provider of advanced threat prevention across digital communication channels, today published a new report analyzing global cyberattack trends in H1 2023 amidst the paradigm shift brought about by advances in generative AI (GenAI) capabilities. In its H1 2023 Report: Cybersecurity Trends & Insights, Perception Point reported an overall increase in social engineering attacks, including a 20% growth in the prevalence of Business Email Compromise (BEC) attacks along with a 41% surge in phishing attacks from H2 2022 to H1 2023. Additionally, the report observed a 75% increase in attacks targeting cloud collaboration apps and storage, including Microsoft 365 apps, Salesforce, Slack, AWS S3 Buckets and others. The report identifies and analyzes additional concerning cyberattack trends, based on intelligence gathered from the company’s Advanced Threat Prevention solutions, which intercept attacks across email, web browsers, and cloud collaboration apps.

As a result of growing access to easy-to-use generative AI tools such as OpenAI’s ChatGPT, malicious actors can now attempt more sophisticated attacks with alarming simplicity and regularity. Cybercriminals are also leveraging the power of unethical GenAI alternatives like WormGPT to create increasingly sophisticated and deceptive malicious content. GenAI tools are fueling this year’s rise in both BEC and phishing attacks, whose prevalence had already increased in 2022 according to previous Perception Point research.

To combat the rising threat posed by generative AI, Perception Point has developed an innovative Large Language Model (LLM)-based detection engine to detect and prevent social engineering attacks. This model, which mirrors the technology behind popular LLMs like ChatGPT and Google’s Bard, enables organizations to identify AI-generated attacks, strengthening their defenses against these sophisticated threats.

In examining cyberattacks by type, channel, and industry, the report gives a holistic overview into the changing threat landscape. The total number of cyberattacks rose by 36% in H1 2023. Email continued to be the main vector for delivering malicious content, with as many as 1 in every 100 emails sent in the first half of 2023 found to be malicious. Phishing remains the most widespread threat type across all channels, accounting for 70% of all attacks. Malware accounted for 20% of attacks, and BEC constituted 8%.

“The continued rise in cyberattacks of all forms, particularly phishing and BEC powered by generative AI, emphasizes the need for innovative approaches to enhance organizations’ defense mechanisms,” said Yoram Salinger, CEO of Perception Point. “We expect cybercriminals to continue sharpening their tools in order to target a wider range of communication and collaboration channels, which is likely to fuel an unprecedented surge in attacks in 2023. Organizations should adopt proactive security measures and embrace emerging technologies and holistic, managed services to strengthen their ability to prevent and remediate such pernicious cyber threats.”

The H1 2023 report goes on to analyze the distinct cybersecurity challenges faced by organizations based on size, region, and sector. Attack patterns varied across industries, with phishing responsible for 94% of all attacks targeting the Oil & Gas sector, 24% of attacks on Industrial companies was malware related, while the technology sector was more likely than others to experience BECs and advanced attacks.

The full report with detailed analysis can be accessed here, and contains a comprehensive breakdown of these findings as well as examples of some of the attack types mentioned in the report.

About Perception Point

Perception Point is a Prevention-as-a-Service company for the fastest and most accurate next-generation detection and response to all attacks across email, cloud collaboration channels, and web browsers. The solution’s natively integrated incident response service acts as a force multiplier to the SOC team, reducing management overhead, improving user experience and delivering continuous insights; providing proven best protection for all organizations.

Deployed in minutes, with no change to the enterprise’s infrastructure, the patented, cloud-native and easy-to-use service replaces cumbersome legacy systems to prevent phishing, BEC, spam, malware, Zero-days, ATO, and other advanced attacks well before they reach end-users. Fortune 500 enterprises and organizations across the globe are preventing content-borne attacks across their email and cloud collaboration channels with Perception Point.

To learn more about Perception Point, visit our website, or follow us on LinkedIn, Facebook, and Twitter.

Media Contact

Ben Crome

Headline Media

[email protected]

+1 914 336 4922

Perception Point Reports Business Email Compromise and Phishing Attacks Soar by 20% and 41% Respectively in H1 2023

Don't miss out on any industry updates.

Sign up for our newsletter!

Ready to Try
Perception Point?

Learn More

Beyond Add-Ons: Elevating Browser Governance Against Malicious and Risky Extensions

Nespress-Oh No! Phishing Attack Exploits Nespresso Open Redirect Vulnerability

Professionally Hooked: Microsoft Two-Step Phishing Campaign Targets LinkedIn Users

Behind the Attack: Evasive HTML Spear Phishing

Evolving Email Security with Embedding Space and AI-powered Subject Analyzer

Operation PhantomBlu: New and Evasive Method Delivers NetSupport RAT