These Are the Top Most Targeted Countries by Phishing Attacks

The United States is once again, and for the foreseeable future, the most targeted country by threat actors’ phishing attacks. Making up an astonishing 84% of all phishing volume, the U.S. saw a single percent decline from 85% last year. But…

While this sounds like a positive, the number of attacks went up by more than 60,000 in 2018. By comparison, the number of attacks in 2017 only went up by about 15,000. In total, this is attributed to the global increase in phishing attacks, and some countries are becoming larger targets. According to this year’s annual Phishing Trends and Intelligence report, US organizations rose by more than 40% in 2018 and has more than doubled since 2015.

AWS Builder Community Hub

Top Targeted Countries

The following are the most targeted countries by phishing attacks in 2018:

  1. United States (-1%)
  2. Canada (+2%)
  3. France (-1%)
  4. China (0%)
  5. Great Britain (-1%)
  6. Turkey (+1%)
  7. Australia (0%)
  8. New Zealand (+1%)
  9. Brazil (0%)
  10. Mexico (0%)

*Shift in share

The attacks focused on the U.S. are the result of continued success in past attacks, the wide-spread adoption of technology (especially mobile), and socio-economic status of its citizens. Likewise, other developed nations are more likely to be the victim of phishing attacks due to their level of connectivity, trust in technology, and availability of currency.

For each of the above targets, though their piece of the phishing pie didn’t fluxate drastically, all of them saw an increase in attack volume. Canada was up 170%, Turkey a full 905%, and Mexico 93%. Some of the more drastic increases were primarily due to their initial low numbers.

Host Countries


The data associated with host countries are a bit more straight forward. A phish hosted on a country code top-level domain (ccTLD) accounts for where a phish is hosted. It’s important to note this clarification as it does not mean the threat actor is housed in that specific location, but is more likely targeting a brand or business there.

While attack volume rose for 26 of the top 30 most attacked countries, there were a number of changes in 2018’s top 10 compared to the previous year. Most notably, Canada saw a substantial rise in phishing volume starting from April 2018, pushing it into second place overall. Much of this volume is accounted for by campaigns targeting a large Canadian financial transaction network. Turkey saw the largest volume shift, but still only accounts for 1% of total phishing volume.

  1. US (2%)
  2. Germany (1%)
  3. Russia (0%)
  4. Netherlands (2%)
  5. France (-1%)
  6. Canada (1%)
  7. Great Britain (0%)
  8. Australia (2%)
  9. Italy (1%)
  10. India (0%)

*Shift in share

For more insights into the current trends and analysis associated with phishing and social engineering, download our newest Phishing Trends and Intelligence report.

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Elliot Volkman. Read the original post at: