Executive Summary

Phishing has long been one of the most pervasive cyberthreats, and it grows every year. According to the FBI’s Internet Crime Complaint Center (IC3), phishing reported the most victims nationally in 2020, and according to the 2021 Verizon Data Breach Investigations Report, 35% of all data breaches involved scams trying to steal people’s sensitive information or login credentials. Phishing did not slow down in 2021: the Zscaler ThreatLabz research team saw a 29% increase in phishing attempts globally over the course of 2021 based on data from billions of blocked attacks across the Zscaler cloud.

Phishing is rising for multiple reasons. As organizations increase their malware and exploit prevention capabilities, attackers turn to social engineering tactics to steal login credentials and successfully compromise organizations. Human adversaries—particularly those with valid credentials—are much harder to detect and stop.

Additionally, more and more automated tools are being developed to make phishing much easier and more accessible to attackers with limited technical knowledge. Phishing kits in particular have played an important role in the rise of phishing activity. Sourced from black markets, phishing kits are bought, leased, or made available for free, and contain everything required to wage an effective low effort email or web-based phishing attack.

ThreatLabz analyzes data from over 200 billion daily transactions and 150 million daily blocked attacks in order to identify emerging threats and improve protections for Zscaler customers.

In this report, ThreatLabz looked at a year’s worth of global phishing data from the Zscaler cloud to identify key trends, industries and geographies at risk, and emerging tactics. In this report, we will share ThreatLabz findings and provide best practices guidance on how you can better identify and protect yourself against phishing attacks.

Top Phishing Targets in 2021

Seeing the US at the top of this list is not a surprise, as it has been by far the most targeted country for years, with one report citing the US as accounting for over 84% of phishing attempts in 2019. In 2021, phishing attempts in the US still accounted for over 60% in our analysis. However, phishing only rose 7% in the United States in 2021, whereas the growth was much higher elsewhere. There was a steep rise in several countries over the course of 2021, including an 829% increase in Singapore, 799% increase in Russia, 342% increase in France, and 331% increase in the United Kingdom.

To read full download the whitepaper:

2022 ThreatLabz Phishing Report

Leave a Reply

Your email address will not be published. Required fields are marked *