Phishing kits have become more evasive and advanced over the last two years

A new report from Group-IB’s Computer Emergency Response Team (CERT-GIB) analyzed the evolution of phishing kits in 2022.

CERT-GIB identified 3,677 unique phishing kits in 2022, 25% more than in 2021. Key phishing trends observed by Group-IB are the increasing use of access control and advanced detection evasion techniques:

    • Advanced detection evasion techniques were used by 2,060 kits observed in 2022 (26% more than a year earlier)
    • CERT-GIB observed a 40% increase in the use of anti-bot technologies
    • The most commonly used detection evasion technique was the directory randomization
    • hypertext access (.htaccess) became the most popular basic evasive technique in 2022 – 20% of detected phishing kits employed this tactic (+80% compared to the previous year)
    • Under half of the phishing kits from 2022 seen by CERT-GIB relied on email to handle stolen information with Gmail being the most preferred email service
    • A continuing trend is the sustained popularity of Telegram for stolen data collection: 623 kits used Telegram (68% more than a year earlier)

Check out this infographic for an overview of the evolution of phishing kits in 2022.

Check it here.