Phishing volumes increase over 30 percent with well-known brands as favorite targets
The latest report from email security and threat detection company Vade shows the volume of phishing emails up 31 percent in the last quarter compared to Q2.
Volumes peaked in July (79.2 million), dipped in August (57.5 million), and rebounded in September (67.2 million). If this pace continues through Q4, phishing volumes in the second half of 2022 are set to exceed those reached in the first half (315 million).
Impersonating trusted and established brands remains a favorite tactic. Vade detected numerous phishing schemes exploiting some of today's most established companies. Q3's phishing results saw Facebook emerge as the top impersonated brand for the second consecutive quarter, followed by Google, MTB, PayPal, and Microsoft, which round out the top five.
The financial services sector once again takes the top spot as the most impersonated industry, representing 32 percent of phishing emails detected by Vade, followed by cloud (25 percent), social media (22 percent), and internet/telco (13 percent).
There's a growing trend towards more targeted attacks too. In July, Vade detected a sophisticated phishing scheme that impersonates Instagram and exploits its highly sought-after verification program. The campaign targets victims with emails that display their actual usernames, which creates the illusion of legitimacy and shows that hackers are spending time researching their targets before each attack.
Phishers have also been exploiting legitimate services to launch attacks. For example, they've made use of Pôle Emploi, a career website operated by the French government, to distribute phishing links to organizations recruiting candidates for job openings. Hackers respond to job postings and upload a PDF resume containing malicious links. Once submitted, the platform generates an email containing the malicious PDF, which it auto-sends to the recruiting company for review. Because the phishing campaign uses Pôle Emploi's legitimate servers, IP address, and domain name, it's difficult for email filters and victims to detect.
You can find out more in the full report available from the Vade site.