Phishing risk has been steadily escalating, and the danger of a phishing-based cyberattack has been escalating for businesses in every sector too. This menacing precursor to many devastating cyberattacks like ransomware, account takeover and business email compromise, is unfortunately also one of the toughest threats for IT professionals to conquer. Employees are notoriously bad at spotting and stopping phishing, and that failure can lead to an array of horrible consequences. New information indicates that the problem isn’t going to become less pressing anytime soon.
Explore today’s biggest threats & what’s next in The State of Email Security 2022 GET IT>>
Phishing Climbs to New Heights
Phishing has reached new heights, scoring an all-time high in Q1 2022 by surpassing one million recorded attacks. This is unwelcome news for IT professionals who have been contending with a non-stop tide of phishing-related threats that has only grown more dangerous since the start of the global pandemic. The Anti-Phishing Working Group (APWG) recently released a report noting that they recorded 1,025,968 total phishing attacks in Q1 2022, with the largest number noted in March. This is a substantial increase over the prior record of 888,585 attacks, observed in Q4 2021. Researchers also noted that the number of phishing attacks that they’ve recorded has more than tripled since early 2020 when they saw between 68,000 and 94,000 attacks per month.
|Number of unique phishing Web sites (attacks) detected||331,698||309,979||384,291|
|Unique phishing email subjects||15,275||14,176||24,187|
|Number of brands targeted by phishing campaigns||608||621||673|
The road to security success begins with 5 Steps to Ransomware Readiness! GET IT>>
How is Phishing Volume Measured?
The three measures that the APWG have used to guide their measurements have been selected to provide a clear view of the phishing landscape.
- Unique phishing sites. This is a commonly recognized measure of the level of phishing seen around the world. The number of unique phishing sites is determined by recording the unique base URLs of phishing sites found in phishing emails reported to APWG. It’s important to note that a single phishing site may be the basis for thousands of customized URLs used in phishing operations. All of those URLs lead to basically the same attack or destination.
- Unique phishing e-mail subjects. This is APWG’s count of email phishing lures that have different or unique email subject lines. Some phishing campaigns may use the same subject line but lead to different phishing sites. This metric is used as a general measure of the variety of phishing attacks that researchers have exposed and can be seen as a rough approximation of the total amount of phishing taking place.
- Brand appearances. The APWG also counts the number of brands that phishing perpetrators have attacked. This is done by APWG researchers analyzing the phishing reports that they receive and correctly noting the brand names. Brand names may vary in spelling in phishing lures, making it hard for researchers to categorize them until all of that is untangled.
See 10 reasons why Graphus is better than other email security solutions. SEE THE LIST>>
Phishing Risk is Constantly in Flux
Researchers noted changes in phishing patterns in many industries, and it’s easy to see that phishing is a foe that constantly evolves, making it a threat that can be hard to pin down. APWG researchers noted that phishing attacks against webmail and software-as-a-service (SaaS) providers remained prevalent, as they were in late 2021 as well. Seasonal shifts occurred in the pace of attacks against retail and eCommerce companies falling from 17.3% in late 2021 to 14.6% after the holiday shopping season. Phishing against social media sites also rose in the first part of 2022, climbing from 8.5% of all attacks in Q4 2021 to 12.5% in Q1 2022. Phishing around cryptocurrency has continued to be a problem. Cryptocurrency exchanges and wallet providers were hot phishing topics and phishing risk around them remained steady from late 2021, inching up from 6.5% in late 2021 to 6.6% in Q1 2022.
Most Targeted Industries
in % of total phishing messages analyzed
Bad Actors Continue to Hammer the Finance Sector
In the first quarter of 2022, APWG that phishing attacks against the financial sector, which includes banks, remained the largest set of attacks, accounting for 23.6 percent of all phishing. Financial Services has been a beleaguered sector for phishing and cyberattacks – including ransomware, which has hammered the sector. Phishing is a common precursor to a ransomware incident. IBM’s Cyber Resilient Organization Study offers a breakdown of the most likely ways that ransomware gets to targeted organizations. When considering organizations that sustained at least one ransomware attack in 2021, researchers determined that four major causes represented the catalyst for ransomware events.
How Organizations Encountered Ransomware
|Phishing or social engineering||45%|
|Insecure or spoofed websites||22%|
Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>
Ransomware Risk Can Shift with Phishing
2021 was a banner year for ransomware, but one bright spot in this report is that APWG researchers noted that the total number of ransomware attacks that they observed has decreased in Q1 2022, falling 25% from the level recorded in late 2021. The top industries impacted by ransomware in Q4 2021 were in the Manufacturing, Business Services, Finance, and Retail and Wholesale sectors. One-quarter of all of the ransomware attacks that were recorded by analysts in Q2 2022 were aimed at Manufacturing companies, followed by Business Services companies and Finance firms.
Ransomware Attacks in Q1 2022
|Retail & Wholesale||8.3%|
Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>
Choose a Powerful Defender to Stop Phishing
AI-powered email security from Graphus is a strong and affordable addition to any company’s defensive strategy. It also saves money on tech time by automating threat discovery and analysis to ensure that techs aren’t bogged down with false alarms. Plus, Graphus gathers its own threat intelligence using machine learning as it absorbs new information about a company’s communication patterns with every interaction. The best part? Automated email security with a solution like Graphus stops 40% more phishing messages from reaching an employee inbox than conventional security or a SEG.
How does Graphus do it?
- TrustGraph uses more than 50 separate data points to analyze incoming messages completely before allowing them to pass into employee inboxes. TrustGraph also learns from each analysis it completes, adding that information to its knowledge base to continually refine your protection and keep learning without human intervention.
- EmployeeShield adds a bright, noticeable box to messages that could be dangerous, notifying staffers of unexpected communications that may be undesirable and empowering staffers to report that message with one click for administrator inspection.
- Phish911 enables employees to instantly report any suspicious message that they receive. When an employee reports a problem, the email in question isn’t just removed from that employee’s inbox — it is removed from everyone’s inbox and automatically quarantined for administrator review.