According to Zscaler, a zero-trust security vendor, phishing campaigns worldwide increased by nearly 50% in 2022 compared to 2021. ThreatLabz Phishing Report.
A staggering 65% of phishing attacks worldwide occur in the United States (up from 60% in 2021), up from other countries such as Canada (up 718%) and the United Kingdom (up 269%) year-over-year. is increasing slowly. %), Russia (up 199%), Japan (up 92%).
By vertical, attacks on education increased 576%, while finance and government saw a 273% increase over the previous year, according to Zscaler. Meanwhile, previously targeted retail and wholesale sectors saw a 67% drop in phishing attacks.
A report published on April 18 found that most modern phishing attacks rely on stolen credentials, leading to a growing threat from Adversary-in-the-Middle (AitM) attacks, It outlines the growing use of distributed peers, the InterPlanetary File System (IPFS). – Peer-to-peer file systems that allow users to store and share files on a decentralized network of computers, and reliance on phishing kits obtained from the black market and AI tools such as ChatGPT.
“AI tools such as ChatGPT and phishing kits have greatly contributed to the rise of phishing, reducing technical barriers for criminals to enter, saving time and resources. […] For example, large language models like ChatGPT make it easier for cybercriminals to generate malicious code and business email compromise (BEC) attacks, and develop polymorphic malware that makes it harder for victims to identify phishing. It’s easier,” the report said.
Another Zscaler ThreatLabz finding shows that SMS phishing (smishing) is evolving into voicemail-related phishing (vishing), encouraging more victims to open malicious attachments. I’m here.
Finally, the report found an increase in job fraud on LinkedIn and other job sites.
“Unfortunately, in 2022, many large Silicon Valley companies have made the tough decision to downsize. Victims often went through the entire interview process, and some were even asked to purchase supplies that were later reimbursed.”
Deepen Desai, Zscaler’s global CISO and head of security, warned in an official statement that while the rise in phishing campaigns is nothing new, their sophistication is unprecedented.
“The number of phishing attacks continues to grow each year, becoming more sophisticated. Attackers leverage phishing kits and AI tools to launch highly effective email, smishing, and vishing campaigns at scale. Fueled by the rise of phishing as a service, AitM attacks allow attackers to circumvent traditional security models, including multi-factor authentication,” he said.
Findings from ThreatLabz Phishing Report Based on one year of global data from Zscaler Security Cloud, which monitors over 280 billion transactions daily worldwide from January 2022 to December 2022.
