Phishing attacks grew 29% in 2021 overall. Smishing is on the rise

Phishing attacks grew 29% in 2021 compared to 2020, according to analysis by Zscaler’s ThreatLabz research team.

The researchers analyzed data from more than 200 billion daily transactions and 150 million daily blocked attacks, publishing the findings in the ThreatLabz Phishing Report 2022.

The report, which is available for download after completing a form, identifies key phishing trends and targets for 2021 and includes predictions for 2022 and 2023.

Phishing is still a huge cyber threat

Phishing remains a pervasive threat around the world, but it is evolving. The research team noted a 29% increase in phishing attacks in 2021. It attributes the increase to several factors, from the low barrier to running phishing campaigns to the improved security systems that organizations and home users have implemented to protect against malware and other forms of malicious attacks.

Social engineering attacks are on the rise as researchers say they are harder to detect and stop.

Another factor that plays a role in the rise of phishing attacks is automation and the toolsets that attackers can use. Ready-to-use phishing kits do not require deep technical knowledge and include “everything necessary to conduct an effective, low-effort email or web-based phishing attack.”

Phishing is still a global problem. While the United States remains the most attacked country globally, with over 60% of all phishing attacks blocked by Zscaler’s Security Cloud, it is not the only country experiencing these attacks. It is followed in the ranking by Singapore, Germany, the Netherlands, the United Kingdom, the Russian Federation, France, China, Hungary and Ireland.

Zscaler’s system reported an increase in phishing attacks in 2021 for the majority of countries in the top 10. Five countries saw an increase of more than 100% each, with Singapore (829%) and the Russian Federation (799%) in the lead. Most, with the exception of Germany (40%), the United States (7%) and the Netherlands (-38%), saw large increases.

Figure: Phishing attacks by country, 2021 (via Zscaler)

Phishing attacks target all industry sectors, but retail and wholesale, manufacturing, and services are targeted the most. Attacks on retail and wholesale targets saw a 436% increase according to the report. Finance, government and all unspecified sectors also saw increases of more than 100%.

The attacks against these sectors capitalized on the global pandemic and the drive by consumers to buy products online.

Several industries saw a decline in phishing attacks in 2021. Zscaler’s research team lists technology and communication, services, and healthcare as the three sectors with reduced attacks.

Microsoft, illegal streaming and Covid-19 are the most attacked

More than 30% of all phishing attacks mimicked Microsoft in 2021, with 13.6% mimicking illegal streaming sites and 7.2% mimicking Covid-19 sites. Illegal streaming phishing spiked during major sporting events, including the Tokyo Olympics in 2021. Covid-19 phishing emerged in 2020, the year the Covid pandemic began, and continued to be a major threat in 2021.

The researchers don’t explain the large percentage for Microsoft, but they do explain that Covid-19 and illegal streaming phishing attacks have “lower barriers” than phishing attacks that mimic established brands. Consumers have little or no expectation of what Covid-19 or illegal streaming sites should look like or how they should be accessed. The use of new domain names does not raise the same level of concern as the use of new domains for established brands.

Two additional Microsoft services are listed separately in the top 20 list. Microsoft’s file synchronization and hosting service, OneDrive, ranks sixth with a total of 3.6%, and Microsoft 365 ranks twelfth with 1.6% of attacks. Microsoft products account for more than a third of all attacks according to the graph. Telegram, Amazon, PayPal, Binance and Google are also included in the list.

Evolution of phishing trends

Zscaler’s research team saw increasing use of secure domains and trusted platforms in phishing attacks. Threat actors use different methods to execute their attacks. Advertising, the use of sharing sites such as Evernote or Dropbox, and posting messages on forums, marketplaces, or web blogs are commonly used in attacks.

The list of top referral sites includes google.com, adobe.com, evernote.com, luxherald.com, and googlesyndication.com.

Threat actors use different infrastructures to host phishing sites. More than 50% of all phishing sites use web hosting providers to blend in with legitimate sites, especially if IP addresses are shared between sites at the hosting provider.

Phishing as a service gained more traction in 2021. The use of phishing kits and open source tools has increased, and groups that produce and update phishing toolkits have been created. Attackers buy toolkits to reduce the cost and time it takes to run phishing campaigns.

In addition to requiring less technical knowledge to run, phishing toolkits include “sophisticated templates” that “have largely eliminated the characteristic typos, misspellings, bad grammar, and unsigned certificates previously relied on” to identify phishing scams.

Smishing, or SMS phishing, is another evolving trend. While it has been around since at least 2006, smishing has seen a 700% increase in the first quarters of 2021 alone, according to one report. One explanation for the rise in smishing attacks is that the type of attack is not as well known as email phishing. While computer users may be aware of email phishing, they may be less aware of other types of phishing, including SMS phishing. Another reason for the increase is that it can be more difficult to verify the sender and loaded websites on mobile web browsers. Covid-19 scams and crypto-related phishing are also evolving.

Best practices to improve defenses against phishing

Phishing attacks will continue to be a huge threat in 2022 and beyond. Employee training can reduce the likelihood of successful attacks against an organization’s infrastructure. A 2020 study from Stanford University reported that nearly 88% of all data breaches were due to human error. End-user awareness training is critical, according to the Zscaler report.

Organizations can implement technical and policy defenses to protect infrastructure and data against successful phishing attacks. Up-to-date antivirus software and advanced threat protection services, regular patching, email scanning, and encrypted traffic inspection are particularly helpful.

Using multi-factor authentication will stop most phishing attacks, as attackers cannot use just a user’s username and password to log into systems. The second layer of verification, which can be provided by an application or hardware device, blocks entry to systems. (via Born)
