According to an APWG report, there were 260,642 phishing attacks in July 2021, the highest monthly total since APWG began the monitoring program in 2004.
Since early 2020, the number of phishing attacks has more than doubled.
APWG Senior Research Fellow Greg Aaron noted, “The number of phishing sites being reported to APWG is now ten times what it was ten years ago, back in late 2011. Phishing has not decreased as the online environment has evolved – it remains a dangerous, effective, and profitable activity for cybercriminals.”
Through 2021, the number of phishers’ targets – banks, app providers, universities, and other entities that phishers imitate in order to deceive victims – has increased. The number of targeted brands was just over 400 in early 2021, but by the end of Q3 2021, it had surpassed 700.
In Q3 2021, Phishing Attacks were most Common in SaaS and Webmail Sectors
According to OpSec Security, the software-as-a-service and webmail sectors were the most commonly targeted by phishing attempts in the third quarter of 2021, accounting for 29.1% of all attacks.
Financial institutions and payment providers were the targets of several attacks, accounting for 34.9% of all attacks. Phishing against cryptocurrency targets, such as cryptocurrency exchanges and wallet providers, accounted for 5.6% of all attacks.
RiskIQ analyzed at the usage of domain names for phishing and discovered issues with free domain names, while Axur documented into how phishing has recently surged in Brazil.