Trending Topics: Phishing, Social Media and Malicious Email Attacks on the Rise

The cybersecurity threat landscape is continually changing. In fact, last month the UK Government issued a warning to businesses and charities to bolster their cybersecurity practices in response to a rise in cybercrime. This came after the release of the Cyber Security Breaches Survey 2022 report from the Department for Digital, Culture, Media and Sport (DCMS), which demonstrated that the frequency of cyberattacks is rising. In total, the report found that 39% of UK businesses identified an attack in the past 12 months.

With this rising concern, understanding the issues and trends as they develop is key for infosec leaders and their teams looking to stay ahead of the risks. Newly published research gives new insights into the key cybersecurity challenges including the prevalence of social media attacks, phishing and malicious email attacks. It reveals how threat actors are shifting strategies as they look for ever more effective ways to mount attacks emphasising that organisations must remain vigilant. Recent emerging trends identified in the report include:

Social Media

Social media as a threat channel saw a two-fold increase in attacks throughout 2021. The number of social media attacks per target increased 103% from January 2021 when enterprises were experiencing  an average of just over one threat per day. In December of the same year, enterprises averaged over 68 attacks per month, or more than two per day.

Fraud-related social media attacks were the leading threat type encountered by enterprises. Cyber threats (such as hacking attempts) and impersonations increased throughout the second half of 2021. Most notably, while data leaks continue to pose a significant threat for businesses of all sizes, the volume and percentage of attacks have consistently declined from Q1 (23%) to Q4 (2.8%), possibly suggesting a shift in strategy by threat actors as organisations have become more proficient when it comes to data protection.

Phishing Attacks

In 2021, the total number of phishing sites observed increased by 28%. However, despite outpacing last year’s volume, month-to-month phishing activity in 2021 proved to be erratic. Phishing volumes ranged from a two-year high in May to a nearly two-year low in December.

In Q4 2021, the financial, telecommunications, and social media industries were responsible for nearly all (98%) phishing sites. Phishing attacks targeting financial organisations climbed consistently throughout 2021. And telecommunications experienced the second-highest level of phishing sites (24.6%).

Looking at specific staging tactics, in Q4, just over half of all phishing sites (50.1%) were staged by abusing free sites and resources, including tunnelling services, free hosting, URL shorteners, and free domain registrations.

Malicious Emails

Employee-reported emails are a critical part of any organisation’s digital risk protection strategy. On average, the majority of suspicious emails reported by employees are thankfully not malicious. However, a significant percentage do pose legitimate threats. This places significant value on a trained and highly alert workforce to help identify emails that make it past automated security stacks. In Q4, approximately 18% of employee reported emails were either confirmed malicious or suspicious enough for security teams to inform employees to not further engage with the file.

Related:   Digital Transformation: The leading factor for API attacks

On average, across all industries, each employee within an organisation was responsible for reporting 3.3 suspicious emails per year. Employees within IT services firms reported the highest frequency (14.3%), followed by venture capital (9.3%), employees of credit unions (6.9%), legal services (6.1%), and insurance (5.7%). Employees in these industries and others were responsible for collectively identifying and stopping hundreds of thousands of malicious and highly suspicious emails that could have resulted in substantial financial damage.

Dark Web

Criminals advertising stolen credit and debit card data on the Dark Web accounted for almost 73% of all Dark Web threats during Q4. The sale of corporate credentials (aka personally identifiable information) was second highest, representing the largest quarter-over-quarter increase in share among all threats.

Throughout 2021, threat actors relied on a variety of attack vectors to carry out their campaigns. While the year was witness to an increased presence of emerging threats, traditional phishing methods still commanded a majority of threats facing enterprises. To meet these challenges head on, security leaders must broaden their lines of defence starting with strong, cross-channel monitoring while also building relationships with technology providers in new areas to minimise the scope of threats targeting their infrastructure and data.

Principal Strategist at

John LaCour is the Founder and CTO of PhishLabs and serves as Principal Strategist with HelpSystems. PhishLabs, by HelpSystems, is a cyber threat intelligence company that delivers Digital Risk Protection through curated threat intelligence and complete mitigation. PhishLabs provides brand impersonation, account takeover, data leakage and social media threat protection in one complete solution for the world’s leading brands and companies.

Leave a Reply

Your email address will not be published. Required fields are marked *