Zscaler’s annual ThreatLabz report finds phishing-as-a-service to be the reason for the cross-industry increase in attacks worldwide.
According to the FBI Internet Crime Complaint Center (IC3), phishing attempts are the most commonly reported cyberattack. This is confirmed by Zscaler’s ThreatLabz research team, which analyzed data from more than 200 billion transactions and 150 million attacks blocked daily to identify new threats. This year’s phishing report shows a dramatic 29 percent increase in phishing attacks compared to previous years, with retailers and wholesalers bearing the brunt of the increase. The report also shows an increase in phishing-as-a-service methods and in new attack vectors such as SMS phishing, and that cybercriminals are increasingly using phishing as a starting point to penetrate businesses, spread ransomware or steal sensitive data.
Multi-pronged defense strategy
To protect against advanced phishing attacks, organizations must deploy a multi-pronged defense strategy anchored on a cloud-native Zero Trust platform that combines:
- full SSL inspection with AI/ML-powered detection to stop the most sophisticated phishing attempts and phishing kits;
- lateral movement prevention and built-in deception to limit the blast radius of a compromised user;
- proactive controls to block high-risk destinations such as newly registered domains, which are often abused by threat actors;
- inline DLP to protect against data theft.
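As an added example (not code from the report or from Zscaler), the following Python check illustrates the "block newly registered domains" control named above: it evaluates constructed proxy log lines against a constructed registration-date table and flags destinations registered within a 30-day window. The domain names, log lines, dates and the 30-day window are all assumptions.

```python
from datetime import date
from urllib.parse import urlsplit

# Constructed stand-in for a registration-date feed (WHOIS/RDAP in practice).
# Every domain and date here is hypothetical.
REGISTRATION_DATES = {
    "example.com": date(1995, 8, 14),
    "login-secure-update.example": date(2022, 3, 1),
    "shop-deals-now.example": date(2022, 2, 20),
}
NRD_WINDOW_DAYS = 30  # assumed policy: registered 30 days ago or less = "new"
TODAY = date(2022, 3, 4)  # assumed date of the analysis run

# Constructed proxy log lines: "<timestamp> <user> <url>".
SAMPLE_LOG = [
    "2022-03-04T09:12:01Z alice https://www.example.com/mail",
    "2022-03-04T09:13:45Z bob https://login-secure-update.example/auth?u=bob",
    "2022-03-04T09:15:10Z carol http://promo.shop-deals-now.example/item/42",
    "2022-03-04T09:16:00Z dave https://unknown-host.example/",
]

def registrable_domain(host):
    """Last two labels of a hostname. Simplification: a real implementation
    would use the Public Suffix List to handle multi-label suffixes."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def domain_age_days(host, today):
    """Days since registration, or None when the feed has no record."""
    registered = REGISTRATION_DATES.get(registrable_domain(host))
    return None if registered is None else (today - registered).days

def verdict_for(host, today, window_days=NRD_WINDOW_DAYS):
    """'block' if newly registered, 'allow' if older, 'review' if unknown.
    Unknown age is surfaced, not silently allowed or blocked, so that the
    fail-open/fail-closed choice stays an explicit policy decision."""
    age = domain_age_days(host, today)
    if age is None:
        return "review"
    return "block" if age <= window_days else "allow"

def evaluate_proxy_log(lines, today):
    """Return one (user, host, verdict) tuple per log line."""
    results = []
    for line in lines:
        _ts, user, url = line.split(None, 2)
        host = urlsplit(url).hostname or ""
        results.append((user, host, verdict_for(host, today)))
    return results
```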
Phishing has always been one of the most widespread cyber threats, using various methods to steal private information. One of the reasons why this type of attack is increasing every year is the low barrier to entry. Cybercriminals use current events such as the COVID-19 pandemic or cryptocurrencies to trick unsuspecting victims into handing over sensitive data such as passwords, credit card information and login credentials.
Lures with well-known brands or current events
The 2022 ThreatLabz Phishing Report found that phishing attacks lure victims by impersonating well-known brands or promoting current events. Top phishing targets in 2021 included categories such as productivity tools, illegal streaming sites, shopping sites, social media platforms, financial institutions and logistics services.
In 2021, the U.S. was the most targeted country globally, accounting for over 60 percent of all phishing attacks blocked by the Zscaler Security Cloud. The U.S. was followed by Singapore, Germany, the Netherlands and the UK. In the Netherlands, however, the number of attacks decreased by 38 percent.
Looking at the industries, retail and wholesale companies recorded the most phishing attacks, with a 400 percent increase. This was followed by the financial and public sectors, where attacks doubled on average. The healthcare industry, on the other hand, saw a 59 percent decrease, while the service industry saw a decrease of about one-third.
Phishing-as-a-service from the dark web
While phishing has long been one of the most common tactics used in cyberattacks by sophisticated attackers, a maturing market for attack frameworks and services is making phishing increasingly easy for less technically savvy cybercriminals. By selling their pre-packaged phishing tools and services on the dark web, cybercriminals are making it easier to deploy phishing scams on a large scale, increasing the likelihood that there will be a further increase in phishing activity in 2022.
Defending against phishing attacks
According to the Zscaler ThreatLabz research team, the average organization receives dozens of phishing emails every day. This means that employees at all levels need to be aware of the most common phishing tactics and be able to recognize phishing attempts that can lead to financial loss and damage to the business. While it is impossible to eliminate phishing risk, effective management can prevent mission-critical information from falling into the hands of cybercriminals. Zscaler suggests the following tactics to combat phishing growth:
- Learning and understanding the risks posed by phishing to make better policy and technology decisions
- Using automated tools and actionable intelligence to give employees the tools they need to reduce phishing incidents
- Timely employee training to increase security awareness and encourage user reporting
- Simulation of phishing attacks to identify gaps in security policies and procedures
- Assessing security infrastructure to ensure access to the latest research and system capabilities
For the ThreatLabz Phishing Report 2022, Zscaler analyzed global phishing data from the Zscaler Security Cloud over a 12-month period.