One cybersecurity firm’s analysis of 12 months of ecosystem data showed that phishing attacks have become more accessible to cybercriminals

In reviewing January 2022 – December 2022 data from its security cloud service that monitors over 280bn daily transactions for users, one cybersecurity firm has offered some insights on trends discerned in its ecosystem.

The data showed that a majority of modern phishing attacks rely on stolen credentials; that Adversary-in-the-Middle (AitM) attacks were increasing; and so was the reliance on phishing kits sourced from black markets.

Also, the emergence of new AI technology and large language models such as ChatGPT had also enabled cybercriminals to conduct phishing attacks among the firm’s ecosystem users.

Key findings

Zscaler, the firm that released its findings, has summarized the following trends discerned from its security cloud:

    • Phishing attacks around the world rose nearly 50% in 2022 compared to 2021.
    • Globally, the firm’s customers in education were the most targeted industry, with attacks increasing by 576%, followed by finance and government, while last year’s top target — retail and wholesale — experienced a drop of 67%.
    • The top five most targeted countries in the firm’s ecosystem were the United States, the United Kingdom, the Netherlands, Canada, and Russia.
    • Top brands used for attacks included Microsoft, Binance, Netflix, Facebook, and Adobe.
    • AI tools like ChatGPT and phishing kits significantly contributed to the growth of phishing and for reducing the technical barriers to entry.
    • SMS phishing had evolved to more voicemail-related phishing to lure more victims into opening malicious attachments.

The firm recommends the following measures for improving security against phishing:

    • keeping updated on the risks to inform policy and strategy management
    • leveraging automated tools and threat intel
    • implementing zero trust architecture to limit the blast radius
    • delivering timely training to build security awareness and promote user reporting
    • simulating phishing attacks to identify cyber defence gaps