According to the newly released data from the Anti-Phishing Working Group, every metric measuring phishing attacks is up this year over last, spelling trouble for organizations.
There’s tons of report data out there covering the makeup of organizations experiencing phishing attacks and even the resulting ransomware or data breaches. But we don’t often get to see just how cybercriminals are ramping up and working diligently in their craft to see those successful attack results.
In the Anti-Phishing Working Group’s (APWG) latest Phishing Activity Trends Report just released for Q1 2021 We see some very concerning news, as there appears to be either lots more bad actors ramping up phishing attacks, the existing ones are stepping up their efforts, or – even worse – a bit of both.
According to the report:
- The total number of phishing sites detected in Q1 grew 271% with January setting a record of nearly 246K sites – a 347% growth over January of 2020
- The number of unique email subjects rose 133% in Q1, totaling over 172K
- The number of impersonated brands rose to 1302, a 24% increase over Q1 last year
Financial Institutions topped the list of targeted sectors, with Social Media increasing nearly 3x over the same time last year and SaaS/Webmail remaining in the top 3 for a second year.
Your response to this data should be something like “we really need to make sure we are protected against phishing” which entails not just solutions that scan email and protect the endpoint; you also need to incorporate the user in your protective strategy. By using Security Awareness Training continually, your users become continually mindful about their interactions with email and the web, constantly vigilant when encountering suspicious or malicious content.