A recent report from Darktrace has noted a surge in phishing attacks leveraging trusted business platforms such as Dropbox, SharePoint, and QuickBooks, according to TechRepublic.
The campaigns involve attackers embedding malicious links within legitimate domains, making detection difficult. In 2024, 96% of phishing emails used existing domains rather than new ones, with cybercriminals exploiting services like Zoom Docs, Adobe, and HelloSign.
Malicious payloads are also delivered through hijacked email accounts, including those from Amazon Simple Email Service. Darktrace said it detected 30.4 million phishing emails last year, with 2.7 million using multistage payloads and nearly one million containing malicious QR codes.
AI-generated phishing tactics have also become more sophisticated, with complex linguistic patterns and targeted spear phishing making up 38% of attacks.
Threat actors are also employing living-off-the-land techniques, using vulnerabilities in internet-facing devices like Ivanti and Fortinet to gain access and execute attacks with pre-installed enterprise tools.
Meanwhile, ransomware groups such as Akira and Black Basta increasingly use software like AnyDesk and Atera for stealth attacks and are hiring themselves out for Ransomware-as-a-Service or Malware-as-a-Service jobs, with Malware-as-a-Service activity rising by 17% in 2024.
