According to STATISTA, phishing attacks reached an all-time high in the first quarter of 2022.

According to STATISTA, phishing attacks reached an all-time high in the first quarter of 2022.


The number of phishing assaults reached an all-time high in the first quarter of 2022, surpassing one million for the three-month period.


The Anti-Phishing Working Group’s (APWG) Phishing Activity Trends report (PDF) documented 1,025,968 phishing incidents through March 2022.


This was a 15% increase (137,383) over the 888,585 assaults registered in the fourth quarter of 2021. (Q4 2021).


The organization registered 384,291 attacks in March, 309,979 in February, and 331,698 in January.


According to the most recent phishing report, the number of phishing attempts has quadrupled since 2020, when the APWG registered between 68,000 and 94,000 assaults each month.


The APWG monitors phishing, social engineering, and other identity theft techniques reported by its members, researchers, and the general public.


The researchers hypothesized that the number of phishing assaults may correspond to the number of phishing sites discovered during the time period. The reason for this is that phishing schemes may have hundreds of URLs all referring to the same phishing page.


The financial sector was the most frequently targeted by phishing assaults.

most targeted industry sectors by phishing in 2022


The financial sector, which includes banks, has the largest number of phishing assaults, accounting for nearly a quarter of all attacks (23.6 percent).


Webmail and SaaS providers had the second-highest number of assaults (20.5 percent), followed by e-commerce/retail (14.6 percent), social media (12.5 percent), and bitcoin exchange and wallet providers (6.6 percent ).


According to STATISTA, phishing assaults on e-commerce sites and shops decreased by 17 percent following the holiday shopping season, but social media attacks grew by 9 percent.

“Social media attacks against businesses continue to expand rapidly,” stated John LaCour, Principal Product Strategist at HelpSystems’ PhishLabs. “The average corporation is targeted by social media roughly three times every day.”


Impersonation assaults accounted for 47 percent of all social media attacks, up from 27 percent in the preceding quarter, according to LaCour.


“Many businesses are unaware that their CEOs are being spoofed on social media,” LaCour remarked. “This is a significant commercial risk.”


Threat actors also targeted payment and logistics and shipping organizations, accounting for 5.0 percent and 3.8 percent of phishing assaults, respectively, according to the research.


In early 2022, ransomware attacks dropped.

From SOS Support, we believe ransomware attacks dropped because American companies are raising awareness about the cybersecurity threats, and in doing so they are taking measures to protect themselves

Abnormal Security, a member of the APWG, discovered a 25% drop in ransomware assaults. Except for the banking sector, the decrease affected other industries.


According to the research, the decrease in ransomware assaults is due to the demise of the Conti and Pysa ransomware gangs. The researchers hypothesized that law enforcement efforts and infrastructure takedowns helped to reduce ransomware outbreaks.



However, ransomware assaults in the financial services business increased by 35% in Q1 2022. According to Abnormal Security, the number of ransomware assaults on financial institutions grew by 75% in Q1 2022 compared to Q1 2021.




The study ascribed the surge to LockBit ransomware’s increased targeting of financial institutions. These assaults were aimed against “smaller accountancy and insurance businesses.”




LockBit, according to the study, targeted victims large enough to pay the ransom, making the hacking effort valuable and assuring the victims were not too large to be well-served.


According to Garret Grajek, CEO of YouAttest, phishing attempts are the gateway to other cyber threats, such as ransomware.



“Phishing is the biggest source of corporate hacker access,” Grajek stated. “However, it is vital to understand that Phishing is only the first step in the cyber death chain, such as gaining access to a device that has access to the victim’s surroundings.”




To complete a data breach, Grajek proposed that attackers may escalate privileges, move laterally, and retain persistence while talking with command-and-control (C2) servers.




“The objective is to stop the user early in the cycle – zero trust and strong identity governance are critical security measures that prevent the hacker from carrying out the harmful steps of the assault.”


“Recognizing changes in identity and authorization is critical for detecting malicious hacker activity,” Grajek stated.


BEC assaults were steady in the first quarter of 2022, but average losses climbed.

APWG discovered that business email compromise (BEC) assaults remained consistent in Q1 2022, while the amount asked by fraudsters jumped by more than two-thirds.


According to Agari, an APWG member, BEC assaults are “response-based spear-phishing attacks,” in which the attacker impersonates a trusted figure in order to fool the victim into executing a transaction or transferring sensitive information.


Agari discovered that the average amount demanded in wire transfers during BEC assaults climbed by 69 percent, from $50,027 in Q4 2021 to $84,512 in Q1 2022.


The business ascribed the spike to a 280 percent increase in fraudsters’ requests for sums greater than $100,000.


Scammers choose Gmail email and Namecheap domain registration.

The APWG member also discovered that free webmail accounts accounted for 82 percent of BEC emails, with responsible for 62 percent of all harmful emails. Microsoft and Verizon Media were responsible for 20% and 10% of all phishing emails, respectively.


According to the data, Namecheap domain registrar accounted for one-third (33%) of BEC assault domains registered, followed by GoDaddy (13%), Google (12%), PublicDomainRegistry (5%), Hosting Concepts B.V. (5%), and 1&1 IONOS SE (4%).


The majority of threat actor-controlled domains, however, were registered with different domain registrars.


“In the first quarter of 2022, 82% of Business Email Compromise communications were transmitted from free webmail accounts.” “60% of those utilized,” stated John Wilson, Senior Fellow, Threat Research at HelpSystems.


Phishing is frequently used in tandem with various kinds of MITM or supply chain attacks to attempt to log in rather than break through most traditional cyber defenses with relative ease.”


We recommend enterprises, particularly critical infrastructure firms, to strengthen their cyber defenses using military-grade systems that provide enhanced security.


Verified by MonsterInsights