Threat Trend Awareness – Cloudflare 2023 Phishing Threats Report Finds Over 30% of Phishing Attacks Use New Domains

Cloudflare has releases its inaugural Phishing Threats Report for 2023, with a key takeaway that over 30% of phishing attacks rely on newly registered domains, making them more difficult for network defenders to detect.

The report tracks brand impersonations, finding that threat actors posed as more than 1,000 organizations. However, 51.7% of observed impersonations were of at least one of 20 well-known brands, with Microsoft being the most impersonated. Other top impersonated brands included Google, Salesforce, and Notion.so. The report also found that 89% of phishing messages passed standard email authentication measures, such as SPF, SKIM, or DMARC, showing the limited validity of this security solution. Members are encouraged to read the report, review the effectiveness of their email authentication mitigations, and consider focused security awareness training on how to detect brand impersonations. Read more at Help Net Security.