Phishing Attacks Rose 61% in 2022, Interisle’s Study Finds
New York City (via Newswire) — The cybercrime commonly called “phishing” soared 61% in the past year to more than 1 million attacks and continues to pose a significant threat to most Internet users. The findings were presented in an annual study from Interisle Consulting Group, specialists in business and technology strategy and authors of a long-running series of reports on phishing activity.
Researchers found the “phishing” cybercrime technique had expanded to more brands and surged in the cryptocurrency field.
Phishing attacks lure victims, typically via email or text message, to a fraudulent website that appears to be run by a trusted entity, often a bank or retailer. The site is designed to persuade a victim to provide sensitive information like a bank account number.
For its study, entitled “Phishing Landscape 2022: An Annual Study of the Scope and Distribution of Phishing,” Interisle assembled and analyzed a deep and reliable dataset by collecting more than three million phishing reports from May 1, 2021 through April 30, 2022.
The information was garnered from four respected threat intelligence providers: the AntiPhishing Working Group (APWG), OpenPhish, PhishTank, and Spamhaus, and examined data from 2020 for a longer-term examination of certain issues. The report also includes Interisle’s recommendations on measures to stop the practice.
Interisle’s study has drawn praise from experts on the topic. “This thoroughly researched report is essential reading for anyone concerned about the growing threat of online phishing,” said John Levine, president of the Coalition Against Unsolicited Commercial Email (CAUCE).
“It has detailed analyses and advice on what and where the threats are, and how we can and must deal with them.”
Interisle’s study found the 3 million reports represented 1,122,579 unique phishing attacks during that time frame, with 853,987 domain names reported for phishing, a 72% increase over the previous year’s study.
One notable finding: Phishing attempts related to cryptocurrency increased 257% year to year.
Nearly 80% of the generic top-level domains (gTLD) reported for phishing were maliciously registered, and crypto-wallets were the most targeted brands.
“Cryptocurrency phishing has skyrocketed, especially attacks involving wallets and exchanges,” said Interisle partner and co-author Dave Piscitello.
“Phishers are applying attack techniques that they’ve used against other financials to virtual currencies with great effect.”
The information cited in this story was included in a press release from Newswire.com. The release was sent to CapitolBeatOK.com, which adapted the release. Newswire is a press release distribution platform that regularly works with news organizations around the world.
The original press release can be viewed here:
In other findings:
* The number of monthly attacks has doubled in two years, from about 40,000 in May 2020 to more than 100,000 in April 2022.
* Phishers targeted over 2,000 businesses and organizations during the 1 May 2021 to 30 April 2022 period. The majority of phishing attacks targeted just 10 brands.
* A small number of registrars dominate malicious domain registration in some TLDs (top-level domains). In four TLDs, more than 80% of the malicious domains were registered through just one registrar.
* Phishing attacks are disproportionately concentrated in new gTLDs. While the new TLDs’ market share decreased during the yearly reporting period, phishing among the new TLDs has increased.
* Phishers deliberately registered 69% of all domains—and 92% of new gTLD domains—on which phishing occurred.
* Phishers have begun targeting more brands, including Amazon, Apple, Meta (Facebook, WhatsApp) and Microsoft (Outlook).
Interisle’s report also includes observations and recommendations to counter phishing attempts, including:
* The naming, addressing, and hosting ecosystem exploited by phishers (and cyber attackers generally) is encumbered by vertically isolated (“siloed”) policy and mitigation regimes.
* Registries and registrars should identify, “lock”, and suspend domains reported for phishing, and hosting and cloud service providers should remove phishing content or shut down accounts where phishing occurs, and all parties should be more responsive to abuse complaints, especially for cybercrimes such as phishing, and they must begin to do so in a more coordinated and determined manner.
* Changes to or introduction of policy or regulation may be necessary to effectively mitigate phishing. Obliging operators to validate the identity of users and customers, coupled with agreement on a common definition of lawful access that acknowledges the role that the private sector plays in combating cybercrime, could reduce both the incidence of phishing and the difficulty of responding to it.