The Anti-Phishing Working Group (APWG) this week released its Q1 2022 report that found while most sectors saw a decreased in the overall number of ransomware attacks, the financial services industry experienced a 35% increase in attacks.
APWG’s Q1 report, released during the RSA Conference, also found a 7% increase credential theft phishing against enterprise users and the impersonation of corporate executives on social media was an increasingly observed business risk.
Overall, the financial sector was the most frequently victimized by phishing, in Q1, with 23.6% of all attacks. Phishing against cryptocurrency targets also inched up to 6.6% of attacks in Q1.
Ryan McCurdy, vice president of marketing at Bolster, said his company’s research also found that verticals like the financial industry are significantly under attack. McCurdy said Bolster research found 175,967 digital scams targeting the financial industry alone: a 59% increase from the prior year.
“As the digital ecosystem expands at an accelerated rate, the modern company's public attack surface is more vulnerable than ever,” McCurdy said. “The same touch points you use to connect with your customers are being exploited by attackers to phish employees, steal private data, destroy customer trust, and worse."
Patrick Harr, CEO at SlashNext, added that current defenses have not been adjusted to find phishing attacks. Harr said as phishing continues to grow as a vector for ransomware attacks, zero-hour, real-time threat prevention solutions are critical to prevent these threats.
“The ability to block employee web traffic to phishing sites, via malicious links and other vectors, and stop a ransomware attack at the start of the kill chain, is [now] of the greatest importance,” Harr said.