Zscaler reports over 79 million phishing attempts in India, third highest globally


Zscaler, Inc. (NASDAQ: ZS), a leading cloud security firm, recently announced its Zscaler ThreatLabz 2024 Phishing Report which provided an analysis based on 2 billion blocked phishing attempts captured by their Zscaler Zero Trust Exchange™ during 2023. The report shows a substantial 60% increase in phishing attacks globally, attributed partly to sophisticated AI-generated scams like voice phishing and deepfake techniques.

Deepen Desai, CSO and Head of Security Research at Zscaler, highlighted the critical need for robust phishing defenses, especially given the complex nature of threats that now leverage generative AI. The report underscores the importance of proactive, layered security measures that incorporate a zero trust framework and AI-powered phishing controls.

According to the report, the United States, the United Kingdom, and India were the primary targets, with India alone facing over 79 million phishing attempts, making it the most targeted country in the Asia-Pacific and Japan (APJ) region. The report’s data reveals that the U.S., the U.K., and Russia were the main origins of phishing attacks, while Australia also saw a significant rise due to a 479% increase in phishing content hosted there.

Sector-wise, the finance and insurance industries globally, and the technology sector in India, were the most affected, demonstrating the high-risk levels associated with digital financial transactions and tech infrastructures.

Also Read | Zscaler releases 2024 AI security report highlighting key trends in enterprise AI/ML tool usage

The report also noted that Microsoft was the most frequently impersonated brand, indicating the high value cybercriminals place on Microsoft user credentials.

The Zscaler ThreatLabz report emphasizes the effectiveness of a Zero Trust architecture in combating phishing. It details strategies like TLS/SSL inspection, AI-enhanced browser isolation, and strict access controls that prevent access to malicious sites, thereby mitigating risks at various stages of potential cyber attacks.

Exit mobile version