Anti-Phishing Cybersecurity

APWG Phishing Trends Report: Year on Year Review (2022)
BLOG

APWG Phishing Trends Report: Year on Year Review (2022)

Reading Time: 5 minutes

TLDR: Our previous article on this subject focused on the historical figures provided by the APWG (Anti Phishing Working Group, and highlighted the growth in phishing attacks and particularly the growth in brand spoofing. This article focuses on the continued growth in the trends for Q1 2022, where the APWG observed 1,025,968 total phishing attacks. This was the worst quarter for phishing that APWG has ever observed, and the first time that the quarterly total has exceeded one million. Anti-Phishing professionals continue to struggle to find solutions to this challenge, however, they often ignore technologies like computer vision, which can help to identify attacks that make use of graphical attack vectors to confuse victims by playing on trust as a mechanism to get credentials and other details, and plant malware.


The Anti-Phishing Working Group (APWG) has been issuing quarterly reports pertaining to trends in phishing activity since 2004. The APWG Phishing Activity Trends Report analyzes phishing attacks that have been reported to the organization by its member companies, research partners and through independent submissions on their website or via email. Their goal is to measure and report on the proliferation and evolution of crimeware, and for interested parties and stakeholders to take positive actions to counter these threats.

In this article, we will look closely at the observations and figures presented in the APWG Phishing Trends Report quarter one of 2022 while including historical data from the previous three quarters for reference, with the hope of highlighting the vast changes that have occurred in phishing in what is a relatively short space in time.

Below we see a line chart that clearly visually represents the overall rise in the 3 key tracked metrics. Additionally, the table shows the detail for the monthly figures. Most concerning is that APWG reported 1,025,968 phishing attacks in Q1 2022; the highest quarterly number in their reporting history and the first time they have seen phishing attacks exceed one million! It is also notable that this number is 67% higher than the same period in 2021 (611,877).

Similarly, they saw an almost 45% rise in spoofed brands, rising from 465 in March 2021 to 673 in March 2022. This shows how bad actors continue to rely on brand spoofing as an attack vector because of its relative simplicity and how effective it is at building trust in their targeted victims.

Table of data - Q2, 2021 to Q1, 2022 (Scroll right to see more columns)
Q2 2021 Q3 2021 Q4 2021 Q1 2022
April May June July August September October November December January February March
No. Of Unique Phishing Websites Detected 204,050 190,762 222,127 260,642 255,385 214,345 267,530 304,308 316,747 331,698 309,979 384,291
No. of Unique Phishing Email Subjects 11,400 9,239 9,669 11,384 10,716 64,233 12,350 13,937 16,461 15,275 14,176 24,187
Number of Spoofed Brands 464 500 495 522 603 715 624 682 521 608 621 673

This alone is extremely concerning, but we must look beyond this top level number at the specific techniques and approaches utilised by bad actors to ensure success.

An alarming increase in phishing websites detected 

The rise in phishing websites was initially attributed to the changes in working practices and lifestyles of populations during the pandemic years, however, we are seeing a continued upward trend post-pandemic. The number for March 2022 is the highest in recorded history 21% higher than the previous high in December 2021.  

This continued increase points to the fact that this approach obviously pays dividends for bad actors, who are happy to latch on to a relatively simple approach and use technologies that can spin out thousands of spoof websites with ease. 

Suspected Phishing Email
Suspected Phishing Email

A significant drop in email phishing subjects 

During the pandemic years we saw bad actors try a broad range of phishing subjects, and so this figure jumped to a high of 64,000+ in September 2021. However, a sharp decline since then indicates that they have worked out which subjects deliver the best returns and are focusing on that core list.

Brand Spoofing Example

While the data from APWG’s Phishing Trends Report shows sporadic jumps in phishing sites and a decrease in phishing subjects, brand spoofing is another story. The historical data shown in our previous phishing report article showing trends from 2018 to 2021 shows that there is a continual upward trend that peaks each year somewhere between July and September. Thereafter we see a fall again. But the falls are always higher than the corresponding month in the previous year. As such, we fully anticipate that September 2022 will show yet another high-point in the number of brands being exploited by spoofing.

As users have become savvier when it comes to spotting a suspicious email or text message, bad actors have become more sophisticated, learning to mislead with brands people trust. This doesn’t just entail using logos that users will be familiar with, but using security icons, brand colours, plus form and button styles to convince users they are legitimate. 

Detecting brand spoofing 

With brand spoofing proving to be a common and successful method of phishing, anti-phishing software providers are understandably wondering what they can do to reduce their effectiveness. Detection and flagging of trigger words such as “account” and “payment” are still viable methods of phishing protection, however, in order to tackle sophisticated brand spoofing, more elements need to be analyzed with phishing websites and emails. 

But the growth in sophistication doesn’t stop at spoofing brand logos and visuals. Bad actors are using graphics as an attack vector in itself.

This speaks to the value and importance of introducing an element of computer vision into phishing detection systems. With such technology, it will be possible for anti-phishing programs to scan for graphical brand elements such as logos and other significant and recognizable marks, like Trustpilot icons and security shield marks. It can also flag forms, buttons, and hyperlinks that may be seen as a threatening visual signals in communications, as well as the use of graphics and other programmatic techniques to evade detection. 

A joint effort 

Tackling phishing is something that requires a joint effort from cybersecurity businesses and  organizations like APWG as well as other companies regardless of industry, and individuals. As it is something that has been seen to have personal, corporate and societal implications, it is important that we all take responsibility for highlighting and flagging phishing attempts. 

One such way of doing this is contributing to APWG’s efforts by submitting any phishing attempts you experience on their website, APWG.org, or by emailing [email protected]

You can view all of APWG’s Phishing Trends Reports here

Another way is to make use of the latest technologies to harden detection systems against these latest attack vectors. So if you’re challenged by these issues and would like to find out more about detecting visual threats, visit our Visual Phishing Detection page, or fill out the form below.

Book A Demo

RELATED

BLOG BLOG
Are Website CMS, Email Marketing, and Survey Platforms Accountable For Their Part In The Phishing Epidemic?

Reading Time: 7 minutes TLDR: Phishing attacks have reached the highest levels ever seen. Bad Actors are abusing convenient and…

Anti-Phishing Cybersecurity
BLOG BLOG
How Visual Search is Used in Anti-Phishing

Reading Time: 2 minutes Visual Search in Phishing Protection – an effective combination Visual search is a powerful piece of…

Anti-Phishing
BLOG BLOG
How Object Detection is Used in Anti-Phishing

Reading Time: 3 minutes Object Detection plays an important role in phishing protection We have discussed previously how logo detection…

Anti-Phishing

Trusted by the world's leading platforms, marketplaces and agencies

Integrate Visual-AI Into Your Platform

Seamlessly integrating our API is quick and easy, and if you have questions, there are real people here to help. So start today; complete the contact form and our team will get straight back to you.

  • This field is for validation purposes and should be left unchanged.