Share



Whitepaper

Emails Threats Pulse Report

As phishing attacks continue to evolve, we put our finger on the pulse of three key trends detected by Egress Defend in 2023.

Download your copy now for analysis of phishing campaigns that use legitimate websites to obfuscate malicious hyperlinks, the use of HTML smuggling attacks to bypass signature-based detection, the increase in compromised accounts to send phishing emails, and how the C-suite has been targeted by phishing attacks so far this year.

121%

increase in using legitimate URLs as carriers for malicious payloads

71%

of malicious payloads were HTML smuggling attacks

151%

increase in attacks sent from compromised accounts

Analysis of phishing attack created by crime-as-a-service gang Caffeine

Find out how this attack was designed to bypass domain-based inspection, and combined brand impersonation with the use of a real Ticketmaster URL to trick victims. On click, a 302 redirect sent victims to a phishing website. Sold as part of a phishing kit by crime-as-a-service gang Caffeine, this attack is available to purchase online.

Spike in phishing emails sent from compromised accounts

Understand how compromised legitimate accounts are being used by cybercriminals, with analysis of the types of payload being delivered and insight into the use of HTML smuggling to obfuscate malware. Additionally see how a business email compromise (BEC) attack plays out by leveraging social engineering tactics.

Whaling in 2023

Get insight into the ways cybercriminals target C-suite executives, including analysis of the payloads sent to the three most targeted job titles. Plus, find out why Monday is the most popular day of the week to send phishing emails to senior executives.

As cybercriminals continue to evolve their attack techniques, we are publishing this report to highlight emerging attack methodologies and trends.

Jack Chapman, VP of Threat Intelligence, Egress

Download your free report