Back in the olden days of the internet, when AOL’s dial-up connection still made horrible sounds prior to getting you access to your inbox, phishing attacks were born. Somewhere in the mid-1990s, internet-based social engineering attacks were born and designed to capture credentials on AOL by way of a program called AOHell, and expanded on to stealing credit card numbers or other private accounts. That was nearly 25 years ago, yet to this day, social engineering-based attacks still happen, and in more mass than ever before.
In this year’s Phishing Trends and Intelligence report, we took a look at some of those phishing numbers and how much volume has shifted in the past four years. Our Founder and CTO, John LaCour, recently spoke to this topic during a webinar, which you can watch the on-demand version here.
At the end of the day, exploiting human vulnerabilities continues to be the most successful technique for threat actors targeting organization and consumer assets. Even as technology advances, these actors have evolved in parallel, and remain just as successful, if not more so, from when phishing was first documented.
At a high level, we saw the following in 2018:
Phishing grew 40.9% in 2018. In total, phishing volume rose steadily during the first quarter of the year, remained high throughout the second and third quarter, and then trailed off towards the end of the year. This pattern is similar to what we’ve seen in previous years, with the exception of two significant spikes in total volume during April and August.
Between the highest point this year, in August, and the lowest point in 2015, in January, there was more than an 81% increase in phishing volume. Zooming out further, by comparing annual numbers from APWG, at the lowest (2005) annual numbers to the highest (2015), there was an increase of more than 156%.
Over the years threat actors have shifted their tactics. Ultimately they have only a handful of goals - including stealing credentials, money, or acquiring private information - and each threat actor group has their own personal flavor of approaches. This year we saw a continued increase in the use of free hosts. In 2018, threat actors increased their use of free hosts by more than 82%. Comparatively, non-free hosts saw a 24% increase. In a later article, we’ll further highlight why there was a particularly large boost in threat actors using free hosts.
Industries at Risk
At a high level, there are five particular industries most at risk due to phishing attacks. Financial institutions like banks and credit unions are back on top, followed by email providers, cloud storage companies, payment service providers, and SaaS companies. Like the free hosts, we’ll further detail why and how threat actors are going after these particular industries. You can also learn more in this year’s report or in the on-demand webinar.
So what has changed the most over the years? Stay tuned as we dig further into the data from this year’s Phishing Trends and Intelligence report. Next up we’ll take a closer look at the industries who are most at risk to phishing attacks.