Top 5 phishing statistics of 2022
Phishing has long been one of the cybercriminals' favorite tactics. It involves scammers sending a fraudulent message, usually via email, pretending to be a trusted person or an entity in hopes of tricking an unsuspecting victim into revealing sensitive information.
While 2022 is not over, phishers have already launched various attacks. In this article, Atlas VPN team has compiled a list of the top five most notable phishing statistics and findings of this year so far.
#1 Almost 70% of email scammers leave the 'subject' line empty (Source)
If there is a tell-tale sign that the email one received is a phishing attempt is an empty subject line. Research finds that 67% of cybercriminals leave the subject line blank when sending malicious emails.
Other subject lines attackers use, although less frequently, include 'Fax Delivery Report' (9%), 'Business Proposal Request' (6%), 'Request' (4%), 'Meeting' (4%), 'You have (1*) New Voice Message' (3.5%) , 'Re: Request' (2%), 'Urgent request' (2%), and 'Order Confirmation' (2%).
#2 LinkedIn users targeted in 52% of all phishing attacks globally in Q1 2022 (Source)
Cybercriminals often utilize big brand names in their phishing attempts in hopes receivers will not notice the message is coming from an illegitimate source. In the first quarter of 2022, attackers most frequently chose LinkedIn as they go to brand.
Linkedin was used in over half (52%) of phishing scams worldwide — a 44% upshift from 8% in the previous quarter. It was the first time a social media brand outranked tech giants like Apple, Google, and Microsoft as phishers' favorites.
#3 Blockchain.com, Luno, and Cardano are the top-most phished crypto projects (Source)
Even with the cryptocurrency market going through hard times, cybercriminals continue to use crypto brands in their scams. One of their tactics is to set up fraudulent websites that look like legitimate brands with hopes of stealing sensitive information.
Cryptocurrency financial service company Blockchain.com was the most spoofed crypto brand, with 662 phishing websites in the last 90 days (till June 22, 2022). Crypto investing app Luno is the second on the list with 277 phishing pages, followed by proof-of-stake blockchain platform Cardano with 191.
#4 Amazon-related phishing sites approach 900 on Amazon Prime Day (Source)
Amazon's Prime Day is a long-awaited sales event for shoppers. However, while consumers enjoy great deals, criminals are working hard to lure them into fake websites.
Amazon was the most frequently impersonated of all the retail brands, with over 1,633 suspicious sites detected in the last 90 days (till July 12, 2022). While the websites are being continuously taken down, as of July 12, the Amazon Prime Day, as many as 897 websites were still live.
#5 54% of successful phishing attacks end in customers' data breach (Source)
In 2021, we had already observed the increase in unique phishing sites. If successful, phishing attacks can have devastating consequences. According to Proofpoint's 2022 State of the Phish Report, a whopping 83% of organizations said they had suffered successful phishing attacks last year. Of them, 54% ended in a customer or client data breach.
Bulk phishing was the most common type of phishing attack. In total, 86% of organizations faced such attacks in 2021.
Note: If you would like to learn more about the online crime landscape, we have prepared a report that overviews 60 Worrying Cybercrime Statistics.