Phishing Attacks Skyrocket in Second Half of 2022
A new report by Vade shows total phishing emails increased by 61% during the second half of 2022 over the first half of the year.
In the fourth quarter, Vade detected 278.3 million unique phishing emails, surpassing the previous quarter’s total by 74.4 million. Month-to-month, phishing volumes were relatively stable through the first half of the fourth quarter.
October saw the second-highest volumes (62.3 million), followed by November (47 million). In December, phishing emails jumped significantly, totaling more than 169 million, a 260% month-over-month increase.
Todd Stansfield is Vade’s content marketing manager.
“December’s leap followed a similar pattern observed in Q4 2021, when November accounted for a dramatic increase in phishing emails compared to other months in the quarter,” he said.
Malware volumes finished the year strong, increasing 12% quarter over quarter in the fourth quarter to account for 58.9 million emails, a 55% increase compared to the same period in 2021, according to Vade. Throughout the quarter, malware volumes saw a modest decline month-to-month. October accounted for the highest share of emails with more than 21 million, followed by November (20.8 million) and December (17 million). While malware volumes declined slightly in the second half of 2021 compared to the first half (11%), the annual total equaled more than 236.4 million emails, a 48% increase over 2021.
“Phishing-as-a-service (PaaS) platforms continue to empower hackers to launch sophisticated attacks without the technical skills,” Stansfield said. “By purchasing a phishing kit, novice hackers can deploy highly convincing and effective schemes against their targets. While phishing kits continue to become more sophisticated, Vade analysts identified a recent enhancement that enables phishing kits to automatically localize phishing pages based on a victim’s native language. The feature identifies the language settings of the targeted user’s browser, and uses it to update and display the phishing page accordingly. While improving the contextual accuracy of each phishing attack, the new feature also enables hackers to target users across multiple languages using a single kit, thus increasing the reach of their campaigns.”
Email is the No. 1 channel for distributing phishing and malware attacks, giving hackers a convenient, scalable and efficient vehicle for exploiting users and compromising accounts, according to Vade.
