More than 1 million unique phishing websites were detected in H1 2021

Ruth C. | October 20, 2021

Phishing is one of the easiest cyber attacks to carry out and highly effective for defrauding victims of sensitive information. It may be why phishing attack numbers continue to rise.

According to the data presented by the Atlas VPN team, 1,228,816 unique phishing websites were detected in H1 2021 — a whopping 294% increase compared to 311,766 websites in H1 2020. 

The calculations are based on the information from the APWG Phishing Activity Trends reports. The reports cover phishing attacks and other identity theft techniques registered in the first two quarters of 2020 and 2021. 

A record number of phishing websites was seen at the very start of the year. In January alone, there were 245,771 unique phishing websites identified. The number of such websites dropped by 35% in February to 158,898 before rebounding in March, growing by 30% to 207,208. In total, 611,877 unique phishing websites were found in Q1 2021.

Moving on to the second quarter of 2021, the month of April saw 204,050 unique phishing websites — a mere 2% decrease from the March numbers. In May, the unique phishing websites plummeted again, this time by 7% to 190,762. Finally, in June, the number of such websites increased by 16% to 222,127, bringing the total number of unique phishing websites in Q2 2021 to 616,939 — a slight 1% growth over Q1 2021. 

Financial institutions and social media firms experienced the biggest share of phishing attacks out of all industries. Because of the wealth of sensitive information that may be accessed by hacking the services, both sectors are lucrative targets for phishers.

The number of brands targeted by phishing campaigns is on the rise

Just as the number of unique phishing websites increased in the first half of this year, the number of brands targeted by phishing campaigns also grew. 

In the first half of 2021, phishers attacked 2,761 brands. Compared to H1 2020, when 2,128 such brands were registered, the number of companies targeted by phishing attacks climbed by 30%.

While the first quarter of this year saw 1,302 brands targeted by phishing attacks by the second quarter of 2021, such brands leaped by 12%, reaching 1,459. The most significant number of brand phishing attacks this year was recorded in May — 500. 

Financial institutions and social media firms experienced the biggest share of phishing attacks out of all industries. Because of the wealth of sensitive information that may be accessed by hacking the services, both sectors are lucrative targets for phishers.

Tips for identifying phishing websites

Cybercriminals are constantly updating their techniques, making phishing attacks increasingly sophisticated and hard to spot. Nevertheless, following a few tried-and-true tips will help you identify and avoid the majority of malicious phishing websites set up to defraud you.

Check the website URL. Make sure the URL of the website you are visiting starts with "HTTPS" rather than "HTTP." The "S" in "HTTPS" stands for secure, indicating that the site is using a Secure Sockets Layer (SSL) certificate. This means that as your data travels from your browser to the website's server, it is encrypted. You should also search for the padlock icon, which is located to the left of the URL. By clicking on it, you can learn information on the site's security certificates and cookies. What is more, bogus websites frequently use needless symbols, words, or domains to impersonate well-known firms. Double-check the spelling of the URL to make sure you are not being deceived.

Inspect the web content. A lot of work from designers to copywriters goes into preparing a company's website. Obvious spelling errors, low-resolution images, or even lack of information should be considered as red flags and signal that the website might not be legitimate.

Look for online reviews. It is never a bad idea to do some research. Set aside some time to read website reviews. If a website is fake, chances are someone has already warned you about it online. A general lack of information can also be a red flag that the website is a hoax.

Check out our 2021 H1 Cybercrime Statistics report to learn more about phishing trends of this year

Ruth C.

Ruth C.

Cybersecurity Researcher and Publisher at Atlas VPN. Interested in cybercrime, online security, and privacy-related topics.

Tags:

Phishing

© 2021 Atlas VPN. All rights reserved.