The APWG’s new Phishing Activity Trends Report reveals that phishing maintained near-record levels in the first quarter of 2021, after landmark increases of 2020 in which reported phishing websites doubled.
The number of reported phishing websites peaked in January 2021 with an all-time high of 245,771 before declining later in the quarter. Still, March suffered more than 200,00 such attacks, the fourth-worst month in APWG’s reporting history.
“The APWG’s members are reporting more confirmed phishing attacks,” said Greg Aaron, Senior Research Fellow at the APWG, and the editor of the new report. “There are, however, many more attacks that are not reported in our data repository. That means these numbers are the floor, and that the situation out on the Internet is worse than the mounting numbers indicate.”
In related news, APWG contributing member Agari found that Business E-mail Compromise (BEC) scams are becoming more costly for some victims. The average wire transfer request in BEC attacks increased to $85,000 in Q1 2021, up from $48,000 in Q3 2020. Researchers also tracked a new tactic being used by BEC scammers: the “aging report” scam.
“The attacker impersonates a company’s executive and simply requests a copy of a recent aging report from their accounting department, which contains a list of all unpaid customer accounts, as well as the names and email addresses of the primary customer contacts,” said Crane Hassold, Senior Director of Threat Research at Agari. “Once an attacker has received an aging report, he will then target the victim’s customers, requesting that they pay their overdue invoices to a new bank account controlled by the scammer.”
OpSec Security found that phishing that targeted financial institutions was the largest category of phishing in the first quarter, representing 24.9 percent of all attacks. OpSec also observed that that phishing against the social media sector ballooned to 23.6 percent of all attacks, up from 11.8 percent in Q4 2020.
Phishers are also deploying encryption to fool users into thinking that phishing sites are legitimate and safe. APWG contributor PhishLabs found that, in the first quarter of 2021, 83 percent of phishing sites had SSL encryption enabled. This number plateaued for the first time since PhishLabs began studying the numbers in 2015.
RiskIQ analyzed the use of domain names for phishing and analyzed several specific phishing campaigns. “As the global pandemic is not yet behind us, we must maintain and encourage vigilance against scammers who will continue to try and illegally profit by abusing the public’s interest in vaccination,” said Jonathan Matkowsky, Vice-President of Digital Risk at RiskIQ.