Phishing attacks bounce back after pandemic slowdown
After a tailing off during the pandemic, phishing is back, with more attacks spotted in the second quarter of this year than for the whole of 2021.
The latest phishing and malware report from Vade also shows that malware emails decreased 48 percent month-on-month -- down from 32.9 million in March to 17 million in April -- but rebounded 31 percent May, with 22.4 million malware-weaponized emails detected. June saw even higher malware volumes (28.9 million), a 29 percent increase from the previous month.
In the first half of 2022 Vade detected 125,005,545 malware emails and 315,846,480 phishing emails. In all of 2021 the company detected 241,900,915 malware emails.
Impersonating big brands continues to be the main tactic. Facebook is the most used brand for attacks in Q2, taking the top spot from Microsoft. Japanese telecommunications company, Au, is the second most impersonated brand, followed by Microsoft, Credit Agricole, and WhatsApp.
The financial services industry is the most targeted of Q2, accounting for 31 percent of all unique phishing URLs detected by Vade, followed by social media (23 percent), Internet/Telco (20 percent), and cloud (17 percent).
Emotet continues its resurgence, with attacks in Europe increasing 44 percent in Q2, with 70,762 Emotet-weaponized emails compared to 49,216 attacks in Q1. Emotet attacks in the US though showed a 32 percent decline.
The report's authors conclude, "The relative ease with which hackers can deliver punishing cyberattacks via email makes email one of the top vectors for attack and a constant menace for businesses and end users. Phishing emails impersonate the brands you trust the most, offering a wide net of potential victims and a cloak of legitimacy for the phishers masquerading as brands. Email-borne malware is significantly easier to distribute than remote attacks, providing even inexperienced hackers with a quick and efficient method of causing destruction."
You can read more on the Vade blog.