Emerging Phishing Attack Trends: A South African Case Study

Phishing is a common type of cyber-attack, that uses fraudulent emails or text messages to trick victims into revealing personal information that could further be used to commit actual cyber-crimes. Phishing attacks are prevalent in the cybersecurity space and are becoming complicated and varied as new technologies enter the market. As generative artificial intelligence platforms also become prevalent, we note that phishing attacks become even easier to craft. These attacks pose a real threat and challenge for businesses and individuals, particularly as digital transformation transcends into all spheres of our daily lives. Existing phishing or spam detection techniques do not always evolve as fast as the attack vectors emerge. Further, reporting of phishing emails or fraudulent text messages by users is not engrained in the business culture. The modus operandi of attackers before COVID-19 have changed with new phishing and smishing attack vectors emerging as the different technologies get adopted by users. The objective of this paper is to use phishing data collected from two anonymous South African organizations to technically examine the emerging phishing attack trends. We analyze and map the emerging phishing attacks using thematic analysis, payload analysis, and perceived objectives of the attack which include promoting spam emails, harvesting personal information, hacking into organizations’ networks and so on. The paper contributes by developing technical and strategic guidelines on how phishing attacks could be mitigated through a cyber-resilience culture.