Phishing up 36 percent in the last quarter of 2022 as attack tools get more sophisticated
Phishing volumes increased 36 percent, with 278.3M unique phishing emails in the fourth quarter of 2022, while malware volumes increased 12 percent QoQ, accounting for 58.9M emails, in the same period.
The latest Phishing and Malware Report from Vade shows the company detected 278.3 million unique phishing emails in Q4, surpassing the previous quarter’s total by 74.4 million. December saw the biggest jump in phishing emails, up 260 percent, as threat actors tried to cash in on the holiday period, this echoes a similar pattern at the end of 2021.
Major brands continue to be prime targets for the second consecutive quarter, Facebook is the most impersonated brand with more than 6,700 unique phishing URLs in Q4, followed by Microsoft, PayPal, Google, and Netflix. There's also an increasing number of phishing attacks targeting popular productivity applications like Microsoft 365 and Google Workspace.
Looked at by industry, financial services is once again the most impersonated industry, representing 29 percent of phishing pages, followed by social media (24 percent), cloud (19 percent), Internet/telco (15 percent), eCommerce/logistics (11 percent), and government (one percent).
Vade analysts have also identified a recent enhancement that enables phishing kits to automatically localize phishing pages based on a victim's native language. The feature identifies the language settings of the targeted user’s browser and uses it to update and display the phishing page accordingly. While improving the contextual accuracy of each phishing attack, the new feature also enables hackers to target users across multiple languages using a single kit, increasing the reach of their campaigns.
There's evidence too that AI tools like ChatGPT are being weaponized in order to overcome the grammatical and other errors that have historically plagued phishing emails making them easier to spot.
You can read more on the Vade blog.
Image credit: weerapat/depositphotos.com