Page 4 - AeM_May_2022
P. 4
RESEARCH, ANALYSIS & TRENDS
Spike in ransomware attacks
"Like with other financially-motivated cyber-attacks, the
focus of most ransomware attacks is more about the
ability to quickly profit from the exploitation of a
corporate network and less about the characteristics of
the victim company itself." The top industries impacted
by ransomware in Q4 2021 were manufacturing, retail
and wholesale, business services, construction, and
healthcare.
PhishLabs, by HelpSystems, analyzed malicious emails
reported by corporate users and categorized them by
threat type. PhishLabs found that in Q4 2021: 51.8% of
them were credential theft phishing attacks, 38.6%
were response-based attacks (such as BEC, 419, and
The APWG's new Phishing Activity Trends gift card frauds), and 9.6% were malware delivery
Report reveals that the number of phishing attacks.
attacks has tripled from early 2020. APWG
observed 316,747 phishing attacks in December Agari by Helpsystems found that the average amount
2021, which is the highest number since APWG requested in wire transfer BEC attacks in Q4 2021 was
start in 2004. $50,027, down from $64,353 in Q3 2021. This
decrease was because scammers requested fewer big-
In the fourth quarter of 2021, APWG founding member dollar transfers over $100,000. RiskIQ also observed a
OpSec Security found that the financial sector, which surge in phishing continued along with an increase in
includes banks, became the most frequently attacked the overall number of phishing emails. And Axur found
cohort, accounting for 23.2% of all phishing that phishing in Brazil went down in Q4, a pleasantly
surprising development during the holiday shopping
Attacks against webmail and software-as-a-service season.
(SaaS) providers remained prevalent as well. Phishing
against cryptocurrency targets – such as Agari found that domain name registrar NameCheap
cryptocurrency exchanges and wallet providers – was the primary registrar used by cybercriminals to
inched up to represent 6.5% of attacks.
register the domain names for BEC attacks in Q4 2021.
NameCheap accounted for more than half of all BEC
Overall, the number of brands that were attacked in Q4
descended from a record 715 in September 2021, domain registrations, with Google and GoDaddy each
cresting at 682 in November for the Q4 period making up 8%. As the name implies, NameCheap is
one of the least expensive places to register a domain.
Abnormal Security observed 4,200 companies, This is likely a factor in its popularity with scammers.
organizations, and government institutions falling victim
to ransomware in Q4 2021, some 36% higher than in RiskIQ found that the 13,947 confirmed phishing URLs
Q3 2021 and the highest number the company has reported to APWG in Q4 2021 were hosted on just
witnessed over the past two years. "The overall 1,444 unique second-level domains. In comparison, in
distribution of ransomware victims indicates that Q3, RiskIQ analyzed 4,340 confirmed phishing URLs
ransomware attacks are industry-agnostic," said Crane and found that they were hosted on 2,649 unique
Hassold, Director of Threat Intelligence at Abnormal second-level domains – almost twice as many
Security. domains. (Source: APWG Trend Reports) ◊
By MediaBUZZ
4 May 2022: Security & Data Privacy in Marketing