Employees clicked phishing links more often in 2024

Enterprise employees clicked on phishing links nearly three times more often in 2024 compared to the prior year, according to Netskope Threat Labs’ latest annual Cloud and Threat Report.

The report found that more than eight out of every 1000 enterprise users clicked on a phishing link each month, compared to three in 1000 in 2023.

The top target for successful phishing campaigns in 2024 were cloud applications such as Microsoft OneDrive and Google Drive, which represented more than a quarter of phishing clicks for the year. Among these apps, Microsoft was by far the most targeted brand, with attackers particularly targeting Microsoft Live and Microsoft 365 credentials.

The report found that attackers often seek to take advantage of the implicit trust that their victims give to these and other major, well-known platforms. In 2024, downloads of malicious content from popular cloud apps were observed in 88% of organisations at least once per month. Likewise, the report found that 88% of employees used personal cloud apps monthly during the year, with 26% uploading, posting or otherwise sending data to personal apps.

The most commonly observed type of data policy organisation within organisations was for regulated data, such as personal, financial or healthcare data, being uploaded to personal apps (60%). Other types of data involved in policy violations included intellectual property (16%), source code (13%), passwords and keys (11%), and encrypted data (1%).

Meanwhile, the report found that the exponential growth in the use of generative AI tools such as ChatGPT is exposing enterprises and users to more risk.

Organisational use of GenAI grew to 94% of companies in 2024, the report found, with the employee use rate of GenAI apps tripling to 7.8% from 2.6% in the prior year. Organisations are now using an average of 9.6 GenAI apps, with the top 25% of organisations now using at least 24 such apps.

Netskope said enterprises are still in the early stages of building security controls governing the use of AI, with only 45% of organisations using data loss prevention tools to control the flow of data into AI apps. But 73% of organisations are already blocking at least one GenAI app, with the top 25% of organisations blocking 14.6 apps on average.

Netskope Threat Labs Director Ray Canzanese said the findings demonstrate the need for modern data security in order for organisations to safely enable the use of apps in the enterprise.

“Gone are the days when data security was an afterthought. It must be seamlessly integrated into every aspect of an organisation’s operations,” he said. “From defending against phishing to safeguarding personal apps and managing GenAI, data security is no longer just a perimeter defence. It is a dynamic, proactive framework with real-time user coaching, DLP and app-specific controls to stay ahead of an ever-changing threat landscape.”

Image credit: iStock.com/Just_Super