Cloudflare Harnesses the Power of its Global Network to Identify Top Exploited Phishing Methods and Most Impersonated Brands in Inaugural Report
Report underscores that email is the most exploited threat vector, phishing remains borderless and attackers are increasingly impersonating trusted name brands
SAN FRANCISCO–(BUSINESS WIRE)–Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today released its inaugural 2023 Phishing Threats Report. The findings highlight that phishing remains the most dominant and fastest growing Internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today’s threat actors.
While business email compromise (BEC) losses have topped $50 billion, corporate organizations are not the only victims that attackers are after. The real implications of phishing go beyond Fortune 500’s and global companies, extending to small and local organizations as well as the public sector. For instance, in this year’s report, Cloudflare observed more email threats targeting political organizations. In the three months leading up to the 2022 US midterm elections, Cloudflare’s email security service prevented around 150,000 phishing emails from making their way to campaign officials.
Regardless of an organization’s size, industry or sector, the report revealed that threat actors who leverage phishing campaigns have two major objectives. First and foremost, the goal is to achieve authenticity and legitimacy in the eyes of the victim. Second, is to persuade victims to engage or click. These objectives are underscored by the key findings of the report, including:
- Malicious links were the #1 threat category, comprising 35.6% of detected threats
- Identity deception threats are on the rise — increasing YoY from 10.3% to 14.2% (39.6 million) of total detections
- Attackers posed as more than 1,000 different organizations in over 1 billion brand impersonation attempts. The majority of the time (51.7%), they impersonated one of 20 well-known brands
- The most impersonated brand happens to be one of the most trusted software companies: Microsoft. Other top companies impersonated included Google, Salesforce, Notion.so, and more
- One-third (30%) of detected threats featured newly registered domains — the #2 threat category
- Email authentication doesn’t stop threats. The vast majority (89%) of unwanted messages “passed” SPF, DKIM, or DMARC authentication checks
“Phishing is an epidemic that has permeated into the farthest corners of the Internet, preying on trust and victimizing everyone from CEOs to government officials to the everyday consumer,” said Matthew Prince, CEO at Cloudflare. “Email messages and malicious links are nefarious partners in crime when it comes to the most common form of Internet threats. Organizations of all sizes need a Zero Trust solution that encompasses email security – when this is neglected, they are leaving themselves exposed to the largest vector in today’s threat landscape.”
Report Methodology: The report is a culmination of data intelligence and security trends gathered from the 112 billion threats that Cloudflare’s global network blocks daily. Cloudflare evaluated a sample of more than 279 million email threat indicators, 250 million malicious messages, over 1 billion instances of brand impersonation (note that it is possible for one email to have multiple instances of brand impersonations), and other data points gathered from approximately 13 billion emails processed between May 2022 to May 2023. Additionally, this report is informed by a Cloudflare-commissioned study conducted by Forrester Consulting. Between January 2023 and February 2023, Forrester Consulting surveyed 316 security decision-makers across North America, EMEA, and APAC about the state of phishing.
To learn more, please check out the resources below:
About Cloudflare
Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company’s Most Innovative Companies in 2021, and ranked among Newsweek’s Top 100 Most Loved Workplaces in 2022.
Forward Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern Cloudflare’s expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding the capabilities and effectiveness of Cloudflare’s email security service and Cloudflare’s other products and technology, the benefits to Cloudflare’s customers from using Cloudflare’s email security service and Cloudflare’s other products and technology, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, and comments made by Cloudflare’s CEO and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC), including Cloudflare’s Quarterly Report on Form 10-Q filed on August 3, 2023, as well as other filings that Cloudflare may make from time to time with the SEC.
The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in Cloudflare’s forward-looking statements, and you should not place undue reliance on Cloudflare’s forward-looking statements.
©2023 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.
Contacts
Cloudflare, Inc.
Daniella Vallurupalli
Vice President, Head of Global Communications
press@cloudflare.com