Even as the world of computing become ever more complex in many respects – greater computing power, smarter devices, and more advanced artificial intelligence and machine learning, to name a few – one of the most conceptually simple cybercrime techniques remains a significant threat to computers and networks around the world. Phishing, as defined by APWG (formerly the Anti-Phishing Working Group), “employ[s] both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials.”
On September 22, the APWG issued its Phishing Activity Trends Report for the second quarter of 2022. Key findings in the report include:
- General: APWG observed 1,097,811 total phishing attacks in Q2 – “a new record and the worst quarter for phishing that APWG has ever observed. The number of phishing attacks reported to APWG has quadrupled since early 2020, when APWG was observing between 68,000 and 94,000 attacks per month. ”
- Most-Targeted Industry Sectors: For Q2 2022, APWG founding member OpSec Security found that phishing attacks against the financial sector (including banks), “remained the largest set of attacks” (27.6 percent of all phishing). Attacks against webmail and software-as-a-service (SAAS) providers accounted for 19.1 percent of all phishing. While attacks against retail/ecommerce sites dropped from 14.6 to 5.6 percent, phishing against social media companies dramatically increased from 8.5 percent of all attacks in 4Q2021 to 15.5 percent in 2Q2022.
- Ransomware: APWG member Abnormal Security observed not only a decrease in ransomware volume over 1Q and 2Q 2022, but also (as of June 2022) “the smallest number of ransomware victim companies since January 2021.” The five industries most frequently victimized by ransomware during 2Q included manufacturing (24 percent), business services (12 percent), retail and wholesale (10 percent), healthcare (8 percent), and construction (7 percent). In addition, approximately 56 percent of victimized companies had less than US$50 million in revenue, while nearly 13 percent of victim companies had revenues of more than US$500 million.
- Business Email Compromise (BEC) Schemes: According to APWG member Agari by HelpSystems, in Q2 2022 “gift card requests were the most popular cash-out method used by criminals” (39.9 percent), followed by payroll diversion attempts (25.9 percent), advanced fee fraud (15.5 percent), and wire transfers (9.6 percent). The average amount requested in wire transfer BEC attacks was $109,467, an increase from $91,436 in Q1 2022. In addition, two strains of malware accounted for 90 percent of all malware delivered to corporate email boxes: Emotet (47 percent) and Qbot (43 percent).
Information security teams in every business sector should closely review the APWG report and incorporate pertinent details into internal briefings and training for corporate executives and employees. Because maintaining effective cybersecurity in any environment is a constant challenge, it is essential that senior leadership maintain a clear understanding of the most prevalent and immediate threats to their corporate environments and provide information security teams with the tools and resources to cope with those threats.