Phishing Kits, Credential Theft, and Social Media Scam Trends Q1 2022

You are currently viewing Phishing Kits, Credential Theft, and Social Media Scam Trends Q1 2022

 

This year, phishing assaults have changed in unanticipated ways in addition to rising in volume. Phishing assaults are spread across several online platforms, according to the Quarterly Threat Trends & Intelligence Report. Let’s examine the most recent phishing patterns from the first quarter of the year.

A few statistics your way

Financial institutions were the target of 53.8 percent of all phishing attacks that stole credentials.

21.5 percent of all phishing attempts on social media were motivated by the theft of credentials.

Phishing attempts did, however, decline 10.3 percent in the telecoms industry.

Nearly 52% of phishing sites in Q1 2022 were set up using hacked websites.

On four generic top-level domains, or around 66% of all phishing sites, a rise of 9.1% from Q4 2021.

The classic email phishing assault has somewhat increased, but there have also been more instances of social media impersonation frauds, dark web threats, hybrid vishing attacks, and BEC attacks.

 

Why it’s important?

The increase in harmful activity on unorthodox platforms reveals threat actors’ opportunistic character. Phishing poses a serious risk to businesses, their clients, and staff members. Since attacks have surged by 105% since this time last year, social media has become a popular medium for attackers. As businesses utilise many platforms to conduct operations and communicate, cyberattackers have a number of ways to take advantage of their victims.

Most recent phishing attempts

Employees in South Africa received phishing emails from threat actors using monkeypox-themed baits.

On cybercrime forums, a brand-new, powerful phishing toolset called NakedPages was offered for sale. Users of MS Office and Google may be the target.

Millions of users were seduced by a large phishing effort that targeted Facebook. The opponents obtained the victims’ login information and ran advertisements to generate income.

The conclusion

The aforementioned figures and occurrences show that protecting the network perimeter alone will not protect enterprises against phishing assaults. Enterprises must proactively monitor risks and acquire threat intelligence to have a better understanding of the security landscape.

Leave a Reply