Phishing Attacks Surged in Q2 2021
According to a report by Vade, phishing attacks increased in Q2 2021, including 4.2 billion phishing emails in June alone.
“Overall phishing increased dramatically in Q2 2021, with a significant spike (281 percent) in May and another 284 percent increase in June, for a total of 4.2 billion phishing emails detected by Vade for the month,” the researchers write. “The increase in May can be attributed to spambot activity, as well as an increase in Amazon and SMBC phishing.”
Vade adds that the sophistication and quality of attacks are also increasing.
“H1 saw a surge of advanced phishing attacks featuring sophisticated automation techniques and abuse of high-reputation domains,” the researchers write. “Due to the high level of targeting and automation we have seen in the first half of 2021, we should place less emphasis on the total number of unique URLs detected and more on the nature and quality of the threats received.”
Vade discovered a phishing campaign that used automation to create phishing pages that were tailored to their victims.
“In late June, Vade detected a sophisticated Microsoft phishing attack featuring an automated rendering of public logos and background images on Microsoft 365 login pages,” the researchers write. “When a victim clicks on an email phishing link, they are taken to a waiting page, the purpose of which is to determine if the user is the intended target. If the user is not the intended target, the phishing page is not shown. If the victim is the intended target, the hacker then makes an HTTP post request for the logo and background image of the victim’s corporate entity. The victim is then redirected to a custom Microsoft 365 login page with their company’s corporate logo and background image.”
Additionally, 2021 is already primed to go down as one of the worst years on record for ransomware attacks. According to a report by SonicWall, attempted ransomware attacks skyrocketed in the first half of 2021, with 304.7 million attempted attacks seen by the company. SonicWall researchers saw a record number of attempted attacks in both April and May but both months were beaten by June, which had a record 78.4 million attempted ransomware attacks.
Ransomware attacks in 2021 have already surpassed the 304.6 million recorded in 2020.
Yeo & Yeo Technology can help train your employees to identify social engineering and cyberattacks with our security awareness training and testing.
Looking to educate your human firewall? Contact Yeo & Yeo Technology.
Information used in this article was provided by our partners at KnowBe4 and the article “Ransomware attempt volume sets record, reaches more than 300 million for first half of 2021: SonicWall” from ZDNET.