The number of phishing attacks doubled to reach over 500 million in 2022
Kaspersky’s anti-phishing system prevented more than 500 million attempts at accessing fraudulent websites in 2022. This is twice more when compared to 2021 figures. The most commonly used bait for these attacks were delivery services, messengers, and cryptocurrency platforms. These and other findings can be found in Kaspersky’s new Spam and Phishing in 2022 report.
Although spam and phishing attacks are not necessarily complex from a technological standpoint, they rely on sophisticated social engineering tactics, making them highly dangerous to those who are not aware of them. Fraudsters are skilled at creating phishing web pages identical to the original websites that collect private user data or encourage the transfer of money to fraudsters targeting both individuals and organizations. Kaspersky experts discovered that throughout 2022 cybercriminals increasingly turned to phishing. The company’s anti-phishing system successfully blocked 507,851,735 attempts to access fraudulent content in 2022, twice the number of attacks thwarted in 2021.
Users of delivery services were the most frequently targeted victims of
phishing attacks, making up 27.38% of all blocked attempts. Fraudsters send
fake emails pretending to be from well-known delivery companies and claim there
is an issue with a delivery. The email includes a link to a fake website, which
asks for personal information or financial details. If the victim falls for the
scam, they could lose their identity and banking information, which may be sold
to websites on the dark web. Other popular targets of phishing attacks include
those in online stores (15.56%), payment systems (10.39%), and banks (10.39%).
Distribution of organizations targeted by
phishers, by category, 2022
Kaspersky experts have also highlighted the following trend in the phishing landscape of 2022: an increase in the distribution of attacks through messengers, with the majority of blocked attempts coming from WhatsApp (82.71%), followed by Telegram (14.12%) and Viber (3.17%).
There is also growing demand among cybercriminals for social media credentials, with criminals exploiting people's curiosity and desire for privacy by offering fake updates and verified account status on social media platforms.
An example of phishing page mimicking a social media alert
Moreover, the experts found that cryptocurrency scams and the ongoing pandemic are still being used by phishing attackers to steal sensitive information from people who are afraid and worried. These scammers are taking advantage of people's fears and concerns to steal their sensitive information.
"Phishing is one of the most prevalent and pernicious threats in the cybersecurity landscape. Being the gateway to many of the worst cyber threats, phishing pages are the first step in a long chain of events that can result in identity theft, financial loss, and reputational damage for both individual consumers and businesses. It's crucial for everyone to understand the threat and take action to protect themselves," comments Olga Svistunova, security expert at Kaspersky.
In order to avoid becoming a victim of spam or phishing-based scams, Kaspersky experts advise the following:
Only open emails and click links if you are sure you can trust the sender
- When a sender is legitimate but the content of the message seems strange it is worth checking with the sender via an alternative communication channel
- Check the spelling of a website’s URL if you suspect that you are faced with a phishing page. If you are, the URL may contain mistakes that are hard to spot at first glance, such as a 1 instead of I or 0 instead of O
- Use a proven security solution when surfing the web. Thanks to access to international threat intelligence sources, these solutions are capable of spotting and blocking spam and phishing campaigns.
Read more about Spam and Phishing in 2022 in the report published on Securelist.com
The number of phishing attacks doubled to reach over 500 million in 2022
Kaspersky
Related Articles Press Releases
Updated Kaspersky Security for Mail Server offers advanced content filtering and enhanced visibility for SOC
Kaspersky has announced a significant update to its Kaspersky Security for Mail Server, designed to strengthen systems against emerging email threats. The latest version of Kaspersky Security for Mail Server features advanced functionality for content filtering, quarantine management, and enhanced visibility for Security Operations Centers (SOC).Read More >Innovation journey: Dubai welcomed Kaspersky's Cyber Immunity Conference
Leading cybersecurity experts, scientists, business leaders and government officials from more than 20 countries worldwide have come together for the inaugural international Cyber Immunity Conference. Exploring the complex and evolving cyberthreat landscape the conference provided invaluable insights into the future of our digital age and celebrated the pioneering efforts of the first Cyber Immunity Champions.Read More >Kaspersky Thin Client 2.0: Cyber Immune protection with enhanced connectivity, performance and design
Kaspersky has presented an updated operating system for thin clients that offers enhanced connectivity, higher speed of applications delivery, lower total cost of ownership, user-friendly graphical interface and quick deployment. Kaspersky Thin Client 2.0 is the main component of the Cyber Immune solution for building thin client infrastructure in a wide range of industries, including healthcare, finance, education and manufacturing.Read More >
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.