Nearly Half of Phishing Attacks Are Polymorphic

June 4, 2019
Nearly Half of Phishing Attacks Are Polymorphic
  1. Home
  2. News
  3. Nearly Half of Phishing Attacks Are Polymorphic

Nearly one in two phishing attacks are polymorphic, according to research by IRONSCALES. The self-proclaimed world's first automated phishing prevention, detection and response platform identified 11,733 email phishing attacks that underwent at least one permutation over 12 months, with 52,825 permutations impacting 209,807 inboxes across the world.    

Polymorphism occurs when an attacker implements slight but significant and often random changes to an email, such as its content, copy, subject line, sender name or template, in conjunction with or after an initial attack has deployed. This approach means that attackers can quickly develop phishing attacks that trick signature-based email security tools that were not built to recognize such modifications to threats, ultimately allowing different versions of the same attack to land undetected in employee inboxes. 

This brings extra complexities to security teams who try to defend against polymorphic phishing attacks. According to IRONSCALES, thee attacks remain one of the "most time-consuming and burdensome tasks," especially as phishing kits can be inexpensive on the dark web. Currently, decentralized and distributed intelligence, coupled with non-signature-based email security tools that use artificial intelligence and machine learning to cluster similar attacks together, has proven most successful at mitigating polymorphic email phishing threats.

“Polymorphic email phishing threats represent an incredibly difficult challenge for SOC and IT security teams to overcome,” said Eyal Benishti, founder and CEO, IRONSCALES. “Just as security personnel think that they may have a phishing threat under control, attackers can augment the artifacts to give the message an entirely new signature, thereby enabling what is for all intents and purposes the same malicious message to bypass the same human and technical controls that might have stopped a previous version of the attack.”

These findings come weeks after the company found that secure email gateways (SEGs) failed to stop 99.5% of all non-trivial email spoofing attacks.

Tags:

No tags.

JikGuard.com, a high-tech security service provider focusing on game protection and anti-cheat, is committed to helping game companies solve the problem of cheats and hacks, and providing deeply integrated encryption protection solutions for games.

Explore Features>>

Top

None
Client Protection Frontlines: The Silent Battle Against Game Hacking
May 23, 2025
None
PC Gaming Protection: Advanced Strategies for Game Developers in 2025
May 23, 2025
None
Virtual Asset Protection in Focus: Inside Korea’s Groundbreaking User Safeguard Act
May 23, 2025
None
Top Insights into Digital Rights Management (DRM): Protecting the Future of Gaming
May 23, 2025
None
Elden Ring movie in development in collaboration with A24 and Alex Garland
May 23, 2025

Tags

Featured BlogsTop StoriesLayoffsBlogsCultureGenerative AIFeaturesGDC 2024UnityHorror GamesUbisoftValveStaff BlogOmdia | Game Industry AnalysisGame Developer EssentialsState of the Game Industry ReportGame Developer's 2024 Wrap-Up: Top Games Devs and TrendsGame Developer CollectiveAudioDesignerSpotlight SeriesDeep Divesunity encryption[Company] UnityArtist[Company] Xbox[Company] PlayStationCooking GamesAnti-modifierGame SecurityRootRoot detectionAssetbundle encryptionGodotCareer adviceQ&A'sGameGuardianModifierAnti-RootSignature verificationUnity Hardeningab package encryptioniOS resource encryptionCECheat EngineAnti-CrackingGame Anti-HackingAnti-Hacking

Recent

None
Client Protection Frontlines: The Silent Battle Against Game Hacking
May 23, 2025
None
PC Gaming Protection: Advanced Strategies for Game Developers in 2025
May 23, 2025
None
Virtual Asset Protection in Focus: Inside Korea’s Groundbreaking User Safeguard Act
May 23, 2025
None
Top Insights into Digital Rights Management (DRM): Protecting the Future of Gaming
May 23, 2025
None
Elden Ring movie in development in collaboration with A24 and Alex Garland
May 23, 2025
None
FTC concedes defeat in appeal over Microsoft merger with Activision Blizzard
May 23, 2025
None
Candy Crush boss Todd Green appointed president of mobile powerhouse King
May 23, 2025
None
Former Lego Group child safety expert joins Roblox as head of parental advocacy
May 23, 2025
None
DragonForce Engages in "Turf War" for Ransomware Dominance
May 23, 2025
None
Embracer is spinning off Coffee Stain Group and rebranding its remaining business
May 22, 2025

Popular

None
nDreams CEO Patrick O'Luanaigh is stepping down after two decades
May 22, 2025
None
#Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill
May 22, 2025
None
Western Logistics and Tech Firms Targeted by Russia’s APT28
May 22, 2025
None
Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
May 22, 2025
None
Sensitive Personal Data Stolen in West Lothian Ransomware Attack
May 22, 2025
None
Critical Vulnerabilities Found in Versa Networks SD-WAN/SASE Platform
May 22, 2025
None
Coinbase Breach Affected Almost 70,000 Customers
May 22, 2025
None
Kettering Health Cyber-Attack Disrupts Services
May 22, 2025
None
AI-Generated TikTok Videos Used to Distribute Infostealer Malware
May 22, 2025
None
Report: Playtika-owned studio Wooga has laid off 50 people
May 21, 2025

Random

None
Debt Collector Data Breach Affects 200,000 Harbin Clinic Patients
May 20, 2025
None
M&S Braces for £300 Million Cyber-Attack Costs
May 21, 2025
None
DragonForce Engages in "Turf War" for Ransomware Dominance
May 23, 2025
None
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
May 20, 2025
None
Candy Crush boss Todd Green appointed president of mobile powerhouse King
May 23, 2025
None
Former Lego Group child safety expert joins Roblox as head of parental advocacy
May 23, 2025
None
Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
May 22, 2025
None
Report: Playtika-owned studio Wooga has laid off 50 people
May 21, 2025
None
AI-Generated TikTok Videos Used to Distribute Infostealer Malware
May 22, 2025
None
Sensitive Personal Data Stolen in West Lothian Ransomware Attack
May 22, 2025

Most Views

None
Voice actor union strikes back after Fortnite debuts controversial AI-powered Darth Vader
May 20, 2025
None
Dungeons of Hinterberg publisher Curve Games acquired by Nazara Technologies
May 20, 2025
None
New 23andMe Buyer Regeneron Promises to Prioritize Security
May 20, 2025
None
Half of Consumers Targeted by Social Media Fraud Ads
May 20, 2025
None
Mounting GenAI Cyber Risks Spur Investment in AI Security
May 20, 2025
None
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
May 20, 2025
None
Debt Collector Data Breach Affects 200,000 Harbin Clinic Patients
May 20, 2025
None
Uncensored AI Tool Raises Cybersecurity Alarms
May 20, 2025
None
Top Anti-Malware Strategies That Are Revolutionizing Game Security in 2025
May 19, 2025
None
Bungie confirms the use of stolen art assets in Marathon alpha
May 19, 2025