Identity deception attacks are on the rise — they accounted for 62% of all phishing campaigns from July to September of this year, according to Agari’s Q4 Email Fraud and Identity Deception Trends report.
Brand impersonation campaigns fell 6% from the prior quarter, but emails pretending to be from individuals rose to 22% of all efforts, up from 12% in the same period.
"Malicious emails impersonating well-known brands are generally associated with credentials-harvesting schemes," states Patrick R. Peterson, founder and CEO, Agari.
Peterson adds that "those spoofing trusted individuals are typically linked to more sophisticated, social engineering-based business email compromise attacks."
However, there was a 2% decline in attacks launched from hijacked email accounts.
This may be due to the fact that cyber criminal groups are in intelligence-gathering mode in preparation for full-blown business email compromise attacks.
The report also reveals that: