www.tripwire.com
192.229.182.232
Public Scan
URL:
https://www.tripwire.com/state-of-security/security-data-protection/phishing-threat-trends-intelligence-report/
Submission: On June 24 via api from US — Scanned from GB
Form analysis
1 forms found in the DOM
GET /state-of-security
<form action="/state-of-security" class="form form-search" id="search-form" method="get" target="_self" __bizdiag="115" __biza="WJ__"><input id="s" name="s" type="text" value="" placeholder=""><button class="btn-search" type="submit"> </button>
</form>
Text Content
THE STATE OF SECURITY
NEWS. TRENDS. INSIGHTS.
Tripwire, Inc.

Q1 2022 PHISHING THREAT TRENDS AND INTELLIGENCE REPORT

* Tripwire Guest Authors
* Jun 20, 2022
* IT Security and Data Protection

In 2022, phishing attacks have not only increased substantially, but they have also taken a new turn. According to the Agari and PhishLabs Quarterly Threat Trends & Intelligence report, phishing attacks are gradually being delivered through a wide range of online platforms. The classic email phishing attack technique has increased slightly, while other significant phishing trends include:

* Impersonation scams through social media.
* Dark web threats, such as credit card fraud.
* Business Email Compromise (BEC) attacks.
* Hybrid Vishing attacks.

How enterprises and consumers are targeted by phishing attacks on these diverse platforms is worth exploring in more detail.

PHISHING THREAT TRENDS

Compared to Q1 2021, this year's volume of total phishing sites showed steady growth of 4.4% from January to March. Furthermore, it is anticipated that these numbers will increase throughout 2022.

Financial businesses were the top targets, affected mostly by credential theft phishing. While the incidence of this method declined by 7.4% from Q4 2021, it still accounted for a remarkable 53.8% of all attacks. The entire technology sector was targeted more in Q1, notably social media (21.5%), webmail/online services (5.5%), ecommerce (1.9%), and cloud storage/hosting. The largest increase in credential theft attack volume (+9.6%) was reported in the social media industry.
Paid domain registrations or compromised sites were primarily used to stage the majority of phishing sites. This staging method is the first instance in five consecutive quarters, representing the highest of 52% of abused paid services from all incidents. The most common staging method was through compromising existing websites (35.1%). 66% of phishing sites were staged on legacy generic Top-Level Domains (gTLDs), which contributed to almost half of all domain abuse phishing activity. Of course, these dizzying numbers are more easily understood in the chart from the report.

Credential theft still reigned supreme among all of the threats in corporate email systems. What is interesting to note is that employees are treating many messages with high caution. However, 82% of the reported emails were identified as “No Threat Detected”. While this heightened sensitivity could generate some cynicism about the value of security awareness training, the report notes that:

> “While the majority of employee-reported emails are not classified
> as malicious, the identification and reporting of suspicious activity
> by a trained workforce is needed to prevent attacks that increasingly
> make it past email filters.”

In 2022, it is somewhat unbelievable that 419 “Nigerian Prince” response-based attacks have increased by 3.3%. The fact that this decades-old scam still exists is almost breathtaking. Prior to the internet, these scams were transmitted via fax machines. Unfortunately, the report does not indicate the success rate of these scams, but their continued existence would suggest that they are still effective.

SOCIAL MEDIA THREAT TRENDS

The volume of threats from social media channels has advanced 27% from Q4 to Q1 alone. This is a 107% increase targeting enterprises. Impersonation scams are the most frequent method of social media attacks, followed by fraud and traditional account compromise techniques.
Financial institutions still remain the primary target of social media attacks.

DARK WEB THREAT TRENDS

The top dark web threat cited in the PhishLabs report is credit card fraud. The dark web is well known for publishing stolen card data, which contributed 53.7% of the total share of dark web threats, despite a 20% decline in Q1. The second most common dark web threat is the sale of corporate credentials.

64% of the stolen data was primarily marketed on carding marketplaces and forums. Forums gained a large 9.3% increase in activity from all dark web marketplaces.

Similar to social media attacks, financial institutions are the most targeted industries for dark web attacks. Credit unions and financial services companies round out the list.

CONCLUSION

The report indicates technological and strategic improvements in phishing tactics, and enterprises are targeted more than private consumers. Phishing attacks have leveraged various media to execute malicious activity. Apart from the traditional email delivery mechanism, social media is the highest trending platform. Organizations need to be vigilant against these scams and carefully maintain a presence on these platforms to confirm their authenticity and validity, avoid phishing activity, and protect the name of the company.

One way for organizations to protect against phishing attacks is to enforce email filters and apply security protocols in their systems to reduce the impact of credential theft attacks. While it is true that some staff members will become overly cautious, security awareness training is still a valid and valuable defence.

Organizations should pay close attention to the diverse platforms that are available today, which allow threat actors to easily perform many fraudulent activities. Phishing attacks are being executed in various forms, using myriad tactics.
It is the responsibility of each organization to address any phishing-related activities for the awareness of consumers and even employees. Proper monitoring of these platforms, and the application of appropriate security protocols and mechanisms to deter phishing threats, is a valuable security approach.

--------------------------------------------------------------------------------

About the Author: Dilki Rathnayake is a Cybersecurity student studying for her BSc (Hons) in Cybersecurity and Digital Forensics at Kingston University. She is also skilled in Computer Network Security and Linux System Administration. She has conducted awareness programs and volunteered for communities that advocate best practices for online safety. In the meantime, she enjoys writing blog articles for Bora and exploring more about IT Security.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Categories: Featured Articles, IT Security and Data Protection
Tags: intelligence, Phishing, Report, threat