Phishing is on the rise. PhishLabs identified 47% more phishing sites in Q1 of 2021 than there were in Q1 of 2020. This trend is continuing as Q2 attacks are also up significantly year-over-year.
Last year, phishing spiked in late Q1 and Q2 as threat actors took advantage of pandemic-related fear and uncertainty. This year, we are seeing an even greater increase in attacks.
Of the phishing sites detected during Q1, the top five targeted industries were:
- Social Media
- Webmail & Cloud Services
Social media topped the list for the first time, suggesting that threat actors are increasingly drawn to the massive reach and often careless user attitudes toward the security of their social media accounts. Social platforms are used as launchpads for a variety of attack campaigns, and more than half of all accounts reported as fraudulent.
Of the phish targeting the social media industry in Q1, 21% targeted messaging apps. This allowed threat actors to connect with potential victims in real time, giving the impression that the communication was legitimate. Believing they are interacting with a benign individual, victims are more inclined to perform requested tasks such as clicking a link or divulging sensitive information.
Accounts used for single sign-on (SSO) were also heavily targeted in Q1, accounting for 40% of overall phishing volume. Similar to financial and webmail/cloud services, social platforms are increasingly used to sign up for and log into other online accounts. Exposed credentials (five billion in 2021 so far) that are associated with social accounts open the door for SSO abuse and can jeopardize the security of any approved third-party application.
The financial industry continues to be one of the most heavily targeted sectors. The five most-targeted types of financial institutions in Q1 were:
- National Banks
- Payment Services
- Credit Unions
- Regional/Community Banks
Cryptocurrency accounts also became an attractive target for criminals as the market surged in Q1. Crypto transactions are irreversible as well as difficult to trace, and they present threat actors with the opportunity to access large payouts, sometimes within a single wallet. As a result, cryptocurrency exchanges experienced an increase in phishing attacks during Q1, moving them up to the 6th most targeted within the financial sector.