New Delhi, April 18: Phishing attacks rose nearly 50 per cent in 2022 compared to 2021 and education was the most targeted industry, with attacks increasing by 576 per cent, a report showed on Tuesday. Other sectors that faced the brunt were finance and government, while 2021's top target, retail and wholesale, dropped by 67 per cent, according to cloud security leader Zscaler.
The top five most targeted countries were the US, the UK, the Netherlands, Canada and Russia. Top targeted brands include Microsoft, Binance, Netflix, Facebook, and Adobe, said the report. "Threat actors are leveraging phishing kits and AI tools to launch highly effective e-mail, SMiShing, and Vishing campaigns at scale", said Deepen Desai, Global CISO and Head of Security, Zscaler. Cyber Attack in India: Hackers Target Indian Account Holders in Tax-Related Smishing Campaign, Says Report.
AI tools like ChatGPT and Phishing Kits have significantly contributed to the growth of phishing, reducing the technical barriers to entry for criminals and saving them time and resources. The report found that a majority of modern phishing attacks rely on stolen credentials and outlined the growing threat from Adversary-in-the-Middle attacks, increased use of the InterPlanetary File System (IPFS), as well as reliance on phishing kits sourced from black markets and AI tools like ChatGPT.
Vishing, or voicemail-themed phishing campaigns, have evolved from SMS or SMiShing attacks. Attackers are using real voice snippets of the executive team in these vishing attacks by leaving a voicemail of these pre-recorded messages. Then, recipients are pressured into taking action, like transferring money or providing credentials. Many US-based organisations have been targeted using Vishing attacks. India Highest Attacked Country by Hackers in Asia in 2022: Report.
Recruitment scams on LinkedIn and other job recruiting sites are also on the rise, said the report. Microsoft was once again the most imitated brand of the year, accounting for nearly 31 per cent of attacks as the attackers phished for access to various Microsoft corporate applications of the victim organisations.
(The above story first appeared on LatestLY on Apr 18, 2023 07:08 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).