Trying to get one more regular story in before the craziness starts tomorrow! According to the Anti-Phishing Working Group (APWG), phishing attacks hit an all-time high last December.
Reported by Help Net Security here last week, APWG saw 316,747 phishing attacks in December 2021 — the highest monthly total observed since it began its reporting program in 2004. Overall, the number of phishing attacks has tripled from early 2020.
In the fourth quarter of 2021, the financial sector, which includes banks, became the most frequently attacked cohort, accounting for 23.2 percent of all phishing. Attacks against webmail and software-as-a-service (SaaS) providers remained prevalent as well. Phishing against cryptocurrency targets — such as cryptocurrency exchanges and wallet providers — inched up to represent 6.5 percent of attacks.
Ransomware is up too. Abnormal Security observed 4,200 companies, organizations, and government institutions falling victim to ransomware in Q4 2021, some 36 percent higher than in Q3 2021 and the highest number the company has witnessed over the past two years.
“The overall distribution of ransomware victims indicates that ransomware attacks are industry-agnostic,” said Crane Hassold, Director of Threat Intelligence at Abnormal Security.
On the other hand, Business Email Compromise (BEC) attacks (where attackers obtain the email of a trusted person, like the CEO, and use it attempt to commit fraud) declined. Agari found that the average amount requested in wire transfer BEC attacks in Q4 2021 was $50,027, down from $64,353 in Q3 2021. This decrease was because scammers requested fewer big-dollar transfers over $100,000. So, that could be good news or it could be simply that cybercriminals have moved on to other hacking methods.
These and other notable cyber stats are in the article linked above. No surprise (to me, at least) that phishing attacks are at an all-time high, especially given what’s going on in the world today.
So, what do you think? Are you surprised that phishing attacks continue to go up? Please share any comments you might have or if you’d like to know more about a particular topic.
Disclaimer: The views represented herein are exclusively the views of the authors and speakers themselves, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.
[…] #8! It’s 316,747 phishing attacks and it’s for December 2021! I covered that stat last […]