APWG Q3 Report: Phishing Attacks at Highest Level in Three Years


According to the APWG’s new Phishing Activity Trends Report, the number of phishing attacks continued to rise into the autumn of 2019. The total number of phishing sites detected by APWG in July through September 2019 was 266,387.

This was up 46 percent from the 182,465 seen in the second quarter of 2019, and almost double the 138,328 seen in Q4 2018.

Total number of phishing sites detected by APWG in July through September 2019 was 266,387, up 46 percent from 182,465 in Q2 2019. More than 400 brands targeted by phishers in Q3 2019: https://docs.apwg.org/reports/apwg_trends_report_q3_2019.pdf

“This is the worst period for phishing that the APWG has seen in three years, since the fourth quarter of 2016,” said Greg Aaron, APWG Senior Research Fellow and President of Illumintel Inc.

In addition to the increase in phishing volume, the number of brands that were attacked by phishers in Q3 was also up notably. APWG contributor MarkMonitor saw attacks against more than 400 different brands (companies) per month in Q3, versus an average of 313 per month in Q2. Stefanie Wood Ellis, Anti-Fraud Product & Marketing Manager at MarkMonitor, noted: “The top targeted industries are largely consistent with previous quarters. Webmail and SaaS sites remained the biggest targets of phishing.”

Meanwhile, “Business e-mail compromise” or BEC scams remained highly damaging. These attacks target employees who have access to company finances or valued data assets, usually by sending them email from fake or compromised email accounts (a “spear phishing” attack).

According to APWG contributing member Agari, 40 percent of BEC attacks use a domain name registered by a scammer. These domains are often variations of a trusted, existing company name, meant to fool unwary victims. In the third quarter, attacks involving wire transfers from victims were for an average of $52,325.

Also in this quarter’s Trends report: APWG member RiskIQ analyses where phishers register domain names; APWG contributor Axur documents rising phishing levels in Brazil; and researchers at APWG member PhishLabs document the rising use of SSL certificates on phishing web sites. The full text of the Q3 2019 report is available here: https://docs.apwg.org/reports/apwg_trends_report_q3_2019.pdf

About the APWG

APWG, an international affairs organization focused on global suppression of common and advanced cybercrimes, was founded in 2003 as the Anti-Phishing Working Group. The global industry, law enforcement, and government coalition of more than 2,100 institutions is unifying the global response to electronic crime, curating one of the world’s largest NGO-managed clearinghouses of cybercrime event data, and enabling the sharing of these data to protect consumers, commercial enterprises and government ministries. The APWG's www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing. APWG is co-founder and co-manager of the STOP. THINK. CONNECT. Messaging Convention, the global online safety public awareness collaborative and founder/curator of the eCrime Researchers Summit, the world’s first peer-reviewed conference dedicated specifically to electronic crime studies. KnowBe4 is an APWG corporate sponsor.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews