Among all the tactics used by cybercriminals, phishing, in other words fraudolent messages, usually emails, aimed at obtaining sensitive information by disguising as a trusted person or entity, is one of the most common. Atlas VPN has compiled a list of the top 5 phishing statistics in 2022 so far.
#1 In 67% of scam emails, the ‘subject’ line is empty
“If there is a tell-tale sign that the email one received is a phishing attempt, – they say from Atlas VPN – it is an empty subject line”: researchers found that 67% of cybercriminals leave the subject line blank. Other subject lines used by attackers, although less frequently, are ‘Fax Delivery Report’ (9%), ‘Business Proposal Request’ (6%), ‘Request’ (4%), ‘Meeting’ (4%), ‘You have (1*) New Voice Message’ (3.5%), ‘Re: Request’ (2%), ‘Urgent request’ (2%), and ‘Order Confirmation’ (2%).
#2 In Q1 2022, 52% of all phishing attacks were targeted at LinkedIn users
Cybercriminals often utilize big brand names in their phishing attempts hoping receivers will not notice the message is coming from an illegitimate source. In the first quarter of 2022, attackers most frequently chose LinkedIn as they go-to brand: it was used in 52% of phishing scams worldwide – a 44% upshift from 8% in the previous quarter. It was the first time a social media brand outranked tech giants like Apple, Google, and Microsoft as phishers’ favorites.
#3 The top-most phished crypto projects in 2022 are Blockchain.com, Luno, and Cardano
Even with the cryptocurrency market going through hard times, cybercriminals continue to use crypto brands in their scams, setting up fraudulent websites that look like legitimate brands with hopes of stealing sensitive information. With 662 phishing websites in the last 90 days (till June 22, 2022), cryptocurrency financial service company Blockchain.com was the most spoofed crypto brand. Crypto investing app Luno is the second on the list with 277 phishing pages, followed by proof-of-stake blockchain platform Cardano with 191.
#4 Almost 900 Amazon-related phishing sites on Amazon Prime Day
While consumers enjoyed great deals on July 12 for Amazon Prime Day, criminals were working hard to lure them into fake websites: Amazon was the most frequently impersonated of all the retail brands, with over 1,633 suspicious sites detected in the preceding 90 days. While those websites were being continuously taken down, on the Amazon Prime Day 897 of them were still live.
#5 Data breaches happen in 54% of successful phishing attacks
If successful, phishing attacks can have devastating consequences. According to Proofpoint’s 2022 State of the Phish Report, a whopping 83% of organizations said they had suffered successful phishing attacks in 2021. Of them, 54% ended in a customer or client data breach. Bulk phishing was the most common type of phishing attack. In total, 86% of organizations faced such attacks in 2021.