In today’s online landscape, it is crucial for organizations to stay on top of the threats that put their enterprises at risk. Agari and PhishLabs have put together their Quarterly Threat Trends & Intelligence Report detailing their analysis of phishing and social media attacks this quarter. The report presents statistics regarding the volume of attacks, the tactics used by cybercriminals, and the main targets of these attacks, documenting the changes since last quarter. Below are the key findings from the report.

The volume of total phishing sites increased almost 6% from Q1 and remains steady, as opposed to the erratic spikes in activity that took place in 2021. For the remainder of 2022, phishing volume is expected to steadily climb as criminals learn where businesses’ weaknesses lie and take advantage of their vulnerabilities. 

Although financial institutions remain the top targeted industry at 42% of attacks, these attacks have declined more than 19% since 2021. The second most targeted industry was telecommunications, experiencing 23% of all phishing attacks. Social media accounted for 21% of overall volume, notwithstanding a small decrease in attacks.

Phishing Targeting Corporate Users

Malicious emails increased in volume in Q2 in spite of a slight decrease in the total share of emails, making up 6.8% of the total. Emails classified as Do Not Engage increased in volume and share, accounting for 12% of employee-reported emails. These emails do not contain clear indicators of malicious intent, but are considered suspicious. Emails classified as No Threat Detected accounted for 81.3% of employee-reported emails, a slight decline in Q2.

Credential theft attacks decreased by 4.2% but still represented the largest proportion of email-based threats at nearly 55%. Response-based attacks that rely on social engineering tactics reached the highest volume and proportion since 2020, accounting (Read more...)