APWG recorded 316,747 phishing attacks in December 2021, the highest monthly total seen since its reporting program began in 2004. Overall, the number of phishing attacks has tripled since the start of 2020.
In Q4 2021, the financial sector, which includes banks, became the most frequently attacked cohort, accounting for 23.2% of all phishing. Attacks against webmail and software-as-a-service (SaaS) providers also remained common. Phishing against cryptocurrency targets — such as cryptocurrency exchanges and wallet providers — rose to account for 6.5% of attacks.
Overall, the number of trademarks attacked in Q4 increased from a record high of 715 in September 2021 to 682 in November for the Q4 period.
Abnormal Security observed that 4,200 businesses, organizations and government institutions fell victim to ransomware in Q4 2021, some 36% more than in Q3 2021 and the highest number the company has seen in the last two years.
“The overall distribution of ransomware victims indicates that ransomware attacks are independent of industry,” said Hassold Crane, Director of Threat Intelligence at Abnormal Security.
“As with other financially motivated cyberattacks, most ransomware attacks focus more on the ability to quickly profit from exploiting a corporate network and less on the characteristics of the victimized business itself.”
The main sectors affected by ransomware in the fourth quarter of 2021 were manufacturing, retail and wholesale, business services, construction and healthcare.
BEC attacks decreased
PhishLabs analyzed malicious emails reported by business users and categorized them by type of threat. It found that in Q4 2021: 51.8% of them were credential theft phishing attacks; 38.6% were response-based attacks (such as BEC, 419, and gift card scams); and 9.6% were malware delivery attacks.
Agari found that the average amount requested in bank transfer BEC attacks in Q4 2021 was $50,027, compared to $64,353 in Q3 2021. This decrease was due to scammers requesting fewer bank transfers of over $100,000. RiskIQ has also observed a continued increase in phishing as well as an increase in the overall number of phishing emails. And Axur found that phishing in Brazil declined in the fourth quarter, a pleasantly surprising development during the holiday shopping season.
Agari found that domain name registrar NameCheap was the top registrar used by cybercriminals to register domain names for BEC attacks in Q4 2021. NameCheap accounted for more than half of all BEC domain registrations, with Google and GoDaddy each representing 8%. As the name suggests, NameCheap is one of the cheapest places to register a domain. This is probably a factor in its popularity with scammers.
RiskIQ found that the 13,947 confirmed phishing URLs reported to the APWG in Q4 2021 were hosted on just 1,444 unique second-level domains. In comparison, in Q3, RiskIQ analyzed 4,340 confirmed phishing URLs and found that they were hosted on 2,649 unique second-level domains, nearly twice as many domains.