According to a recent report, phishing attacks rose by nearly 50% in the year 2022 in comparison to 2021, with the education sector experiencing the highest growth, raising the total number of attacks by 576%. Additionally, the report showed retail and wholesale being ruthlessly attacked in 2021 only to fall by 67% in 2022. Nations such as the United States, the United Kingdom, Canada, Russia and the Netherlands were the top-most targeted when it came to phishing campaigns. Brands including Microsoft, Binance, Netflix, Facebook and Adobe faced the brunt of these attacks.
It was revealed by the Global CISO and Head of Security, Zscaler, that threat actors are increasingly utilizing AI tools and Phishing Kits for launching email, SMiShing, and Vishing campaigns. These AI tools have eased the technical barriers for criminals to launch attacks with outcome much faster and efficient. Moreover, the report states that most recent phishing attacks are a result of compromised credentials. Adversary-in-the-Middle attacks, IPFS (InterPlanetary File System) usage, and utilization of phishing kits from black markets and AI tools like ChatGPT are becoming more and more common. Vishing attacks, in particular, have escalated in comparison to SMS- or SMiShing-targeted campaigns, with the attackers using pre-recorded messages of executive personnel to coerce the recipients into taking action, like transferring money or providing credentials.
It is alarming to note that recruitment scams are also on a rise, with cybercriminals using LinkedIn and other job recruiting sites to carry out their illicit activities. Microsoft was discovered to be the most emulated brand of the 1 year, with nearly 31% of all attacks targeting the Microsoft corporate applications of the victims.
The global cloud security leader Zscaler is based in the United States and provides cloud-based interpretation, compliance, security and web security solutions to companies worldwide. Founded by Jay Chaudhry, the company is trusted by over 4,500 clients, which include top U.S Banks, retailers, telecoms, healthcare organizations and educational institutions. The platform helps organizations to protect their systems from malware, phishing, ransomware, data breaches and other cyberattacks. It offers Zero Trust Security-as-a-Service, combined with unparalleled threat visibility and secure data protection, reducing security complexity and costs for the global customers.