Phishing Clicks Soar: A 190% Surge in 2024

January 8, 2025 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Phishing attacks saw a sharp rise in 2024, with enterprise users clicking on phishing links nearly three times more than in 2023, according to Netskope’s latest research. Over eight out of every 1000 users fell victim monthly, driven by user fatigue from relentless phishing attempts and attackers’ increasingly sophisticated lures.

Cloud Apps in the Crosshairs

Cloud applications were the primary targets for phishing, accounting for 27% of user clicks. Cybercriminals often exploit compromised cloud accounts for business email compromise, data theft, or further attacks. Microsoft emerged as the most targeted brand, making up 42% of phishing link clicks in this category. Banking (17%) and telco (13%) sectors were also heavily targeted.

Phishing Links Shift Beyond Emails

The report revealed a shift in where phishing links are clicked, with most coming from various web sources instead of emails. Search engines accounted for 19% of clicks, with attackers leveraging malicious ads and SEO poisoning to drive traffic to phishing sites. Other sources included shopping (10%), technology (8.8%), business (7.4%), and entertainment (5.7%) sites.

“Attackers are capitalizing on creative social engineering tactics,” the researchers noted. “While users are cautious with email links, they tend to trust links from search engines or legitimate-looking websites.”

GenAI Usage Grows, Data Risks Addressed

The report highlighted a surge in workplace use of Generative AI (GenAI) apps, with 94% of organizations leveraging them in 2024, up from 81% in 2023. ChatGPT topped the charts, used in 84% of organizations.

Employee usage of GenAI apps also tripled, from 2.6% in 2023 to 7.8% in 2024. To mitigate risks, 73% of organizations blocked at least one GenAI app, while 45% implemented data loss prevention (DLP) solutions. Additionally, 34% used real-time coaching to educate employees on AI-related risks, ensuring safer adoption of these powerful tools.