Phishing Continues to be on the Rise in 2018!


It should come as no surprise that the most successful attack tactic is being used more in 2018. APWG’s latest report shows us the trends and what to expect for the remainder of 2018.

The Anti-Phishing Working Group (APWG) analyzes phishing attack data from industry partners, and reports on its findings quarterly. Their latest, released on July 31st, covers the phishing trends found in Q1 of 2018.

While APWG’s reports are probably a quarter behind in their timeliness, the data found remains valuable to demonstrate the trends we should continue to see throughout all of 2018.

The highlights of the report included:

  • Over 11,000 phishing domains were created in Q1
  • The total number of phishing sites increased 46% over Q4 2017
  • The use of SSL certificates on phishing sites continues to increase to lull visitors into a false sense of security and site legitimacy.

All three of these trends add up to one thing – the bad guys are working on looking more and more legitimate. While the really poorly-written HTML emails attempting to look like an email from Fedex and other well-known companies still exist today, cybercriminals are working diligently to improve their craft – the more legitimacy they can establish through great presentation, proper context, and intelligently targeted spear phishing, the more successful the campaign.

Just as the cybercriminals are stepping up their game, your organization needs to as well. Users are going to be faced with determining the legitimacy of email requests, links, and attachments on their own. So, it is critical to empower the user with Security Awareness Training to teach them to have a security-centric mindset while doing their job.

On-Demand Webinar: Phishing Attack Landscape and Industry Benchmarking


One of your important and ongoing IT security initiatives is getting the Phish-prone percentage of your users as low as possible. But how are you doing compared to the "similar-size peers" in your industry? We just finished a big-data analytics exercise over the 15,000 customers we have and came up with new baseline phish-prone percentages, and how fast it drops. Join Stu Sjouwerman and Perry Carpenter as they discuss brand-new research based on what your users are clicking and find out how you are doing compared to your peers with new phishing benchmarks by industry.

Watch the Webinar

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews