Nowadays, 30% of browser-based phishing attacks are categorized as evasive, giving hackers the opportunity to successfully take advantage of weaknesses in people and get around detection by conventional security solutions.
Menlo Security examined browser security in a recent research. The study found that, in contrast to the first half of 2023, browser-based phishing attacks increased by 198% in the second half of the year. The report indicated a 206% rise when evasive attacks were explicitly examined.
Evasive threats now make up 30% of total browser-based phishing attacks and include tactics such as SMS phishing (smishing), Adversary in the Middle (AITM) frameworks, image-based phishing, brand impersonation or Multi-Factor Authentication (MFA) bypass.
Over 550,000 browser-based phishing attacks were detected in the last 12 months. Legacy Reputation URL Evasion (LURE) attacks increased by 70% since 2022. LURE attacks are characterized by a method in which threat actors evade web filters that attempt to categorize domains based on implied trust.
Recent years have seen a sharp increase in the use of browsers on both managed and unmanaged devices, exposing a massive attack surface that businesses are finding difficult to contain. Unfortunately, ransomware-delivering and credential-stealing zero-hour phishing assaults are not detected by traditional network-based security mechanisms.
According to Amir Ben-Efraim, co-founder and chief executive officer of Menlo Security, “humans remain the weakest link in the cybersecurity chain – unintentionally divulging corporate credentials and secrets – and threat actors have decidedly shifted focus to web browsers as THE point of entry to gain initial access.” “New, highly targeted, cunning, and sophisticated browser-based phishing attempts are constantly emerging, and Menlo Security is keeping an eye out for them by eschewing the use of conventional network- and email-based detection tools. Because browser security is the only effective preventive measure against these contemporary threats, CISOs must concentrate their defenses on it.”
According to the source, phishing is the most frequently used initial attack vector; in fact, 16% of all global data breaches begin with this tactic. It did note, though, that evasive phishing techniques are growing more quickly since they bypass conventional security systems and function even better.
More than 73% of LURE attacks originated from categorized websites, based on 1 million URLs analyzed in the report. Six days is the average latency between when a zero-hour phishing attack first appears and when it is finally added to the detection mechanism for traditional security tools.