Phishing clicks have almost tripled in 2024
Netskope, a leading provider of Secure Access Service Edge (SASE) and Security Service Edge (SSE), has published its latest research report. It shows that due to the increasing prevalence and sophistication of phishing attacks, corporate employees clicked on phishing lures almost three times as much in 2024 as in the previous year. The findings are based on data collected by Netskope from organizations worldwide and are published as part of Netskope's annual Cloud & Threat Report.
Success rate for phishing lures triples
Despite companies' repeated attempts to train their employees' security awareness, especially to avoid falling victim to phishing, corporate users clicked on phishing lures almost three times as often in 2024 as in 2023. More than eight out of every 1,000 users clicked on a phishing link each month. This is an increase of 190% compared to the previous year, when fewer than three in every thousand corporate users were victims of phishing attempts.
Where attackers host their malicious payloads is also an element of social engineering. They want to host malicious content on platforms that the victims trust. These include popular cloud apps such as GitHub, Microsoft OneDrive and Google Drive. In 2024, 88% of organizations downloaded malicious content from popular cloud apps at least once a month.
Cloud applications were the top target of the phishing campaigns that users clicked on in 2024, accounting for more than a quarter of all phishing clicks at 27%. Among the cloud apps, Microsoft was by far the most frequently attacked brand with 42%. The attackers primarily targeted Microsoft Live and Microsoft 365 login information.
Personal apps blur the boundaries
The ubiquity of personal cloud apps in the enterprise has created an environment where employees knowingly or unknowingly use these apps to process or store sensitive data. This leads to a loss of organizational control over data and potential data breaches. The main personal apps that users send data to include cloud storage, webmail, GenAI, social media and personal calendar apps.
In 2024, 88% of all employees used personal cloud apps every month. More than one in four users (26%) uploaded, posted or otherwise sent data to personal apps. Sensitive data leaking via personal apps is a top concern for most organizations. The most common type of data breach involves regulated data (60%), which includes personal, financial or health data uploaded to personal apps. Other types of data affected by breaches include intellectual property (16%), source code (13%), passwords and keys (11%) and encrypted data (1%).
Growth trends for GenAI continue
In 2023, GenAI entered the world of work. The acceptance of GenAI apps by both companies and users - as well as the total volume of GenAI apps in use - continued to grow in 2024:
- Organizational usage increased from 81% of companies using GenAI apps in 2023 to 94% in 2024. ChatGPT continues to be the most popular GenAI app and is used in 84% of companies.
- The proportion of employees using GenAI apps tripled from 2.6% to 7.8%. Retail and technology companies lead all industries with an average of more than 13% of all employees using GenAI apps each month.
- Organizations now use an average of 9.6 GenAI apps, up from 7.6 a year ago. The top 25% of organizations now use at least 24 GenAI apps, while the bottom 25% use at most 4 GenAI apps.
Management of GenAI data risk
In 2024, GenAI apps became more and more commonplace in companies - 94% are already using them. Nevertheless, it is clear that many companies are still in the early stages of setting up secure controls for GenAI and mitigating the associated data risks.
- 45% of companies use DLP to control the flow of data in GenAI apps. The acceptance of DLP for GenAI varies greatly depending on the industry. At 64%, the telecommunications industry is in the lead.
- 34% of companies rely on real-time interactive user coaching to empower individuals to make appropriate and informed decisions.
- In 73% of the cases where users are warned of a potential violation of company policy, they decide not to proceed based on the coaching information provided.
- 73% of companies block at least one GenAI app, with the number of blocked GenAI apps remaining constant from year to year at an average of 2.4.
- The number of apps blocked by the top 25% of all organizations blocking GenAI apps has more than doubled in the last year, from 6.3 apps to 14.6.
The most important findings for companies
Netskope recommends that organizations take the following steps to protect their environments:
- Users are bombarded with phishing links from all directions: email, social media, ads in search engine results and across the web. In addition, GenAI makes it easier for attackers to create convincing phishing links. This illustrates that it is not enough to rely on education alone to detect a phishing attempt. It must be accompanied by investment in modern data protection.
- Employees continue to accidentally or intentionally share files via their personal accounts. They include proprietary information in personal backups or use private app instances to take data with them when they leave the company. Regardless of intent, organizations should limit access to only those apps that serve a legitimate business purpose. They also need to set up a review and approval process for new apps and implement continuous monitoring that alerts security experts if apps are misused or compromised.
- The trend of more and more companies and employees using GenAI will continue in 2025. GenAI is increasingly being used in the workplace. With the growing number of apps, controls are needed to ensure that only authorized apps are used. Companies should use modern data security to control data transfer to authorized apps. Real-time coaching helps employees make informed decisions when using GenAI apps. In addition, controls are needed to block unauthorized apps.
"The common denominator for organizations working to secure the use of apps in the enterprise and mitigate the challenges of the threat landscape is the need for modern data security," says Ray Canzanese, Director of Netskope Threat Labs. "Gone are the days when data security was an afterthought. It needs to be seamlessly integrated into every aspect of an organization's operations. From defending against phishing to protecting personal apps to managing GenAI, data security is no longer just protection at the edge. It's a dynamic, proactive framework with real-time user coaching, DLP and app-specific controls to stay ahead of an ever-changing threat landscape."
The full Cloud and Threat Report: 2025 is available for download from Netskope. More information on cloud-based threats and the latest insights from Netskope Threat Labs can be found on the Threat Research Hub from Netskope.
This article originally appeared on m-q.ch - https://www.m-q.ch/de/phishing-klicks-haben-sich-im-jahr-2024-fast-verdreifacht/