Zscaler, a San Jose-based cloud security company, has released its 2023 ThreatLabz Phishing Report, which finds that a majority of modern phishing attacks rely on stolen credentials and outlines the growing threat from Adversary-in-the-Middle (AitM) attacks, increased use of the InterPlanetary File System (IPFS), and reliance on phishing kits sourced from black markets and AI tools like ChatGPT.
Phishing attacks around the world rose nearly 50% in 2022 compared to 2021, according to the report. Education was the most targeted industry, with attacks increasing by 576%, followed by finance and government, while last year’s top target, retail and wholesale, dropped by 67%.
The top five most targeted countries were the United States, the United Kingdom, the Netherlands, Canada, and Russia.
AI tools like ChatGPT and phishing kits have significantly contributed to the growth of phishing, reducing the technical barriers to entry for criminals and saving them time and resources. Meanwhile, vishing, or voicemail-themed phishing campaigns, have evolved from SMS or SMiShing attacks. Attackers use real voice snippets of the executive team in these vishing attacks, leaving the pre-recorded messages as voicemail. Recipients are then pressured into taking action, like transferring money or providing credentials. Many US-based organizations have been targeted using vishing attacks.
“Threat actors are leveraging phishing kits & AI tools to launch highly effective e-mail, SMiShing, and Vishing campaigns at scale,” said Deepen Desai, Global CISO and Head of Security at Zscaler. “AitM attacks supported by growth in Phishing-as-a-Service have allowed attackers to bypass traditional security models, including multi-factor authentication. To protect their environment, organizations should adopt a Zero Trust architecture to significantly minimize the attack surface, prevent compromise, and reduce the blast radius in case of a successful attack.”
The report also says that recruitment scams on job recruiting sites are on the rise. Tech industry layoffs have enabled cybercriminals to more effectively leverage fake job postings, sites, portals, and forms to attract job seekers. Victims would often undergo an entire interview process, with some even being asked to purchase supplies to be reimbursed later.
The report draws on 12 months of global phishing data to identify the latest trends, emerging tactics, and the industries and regions most impacted by phishing attacks. Data was collected from January 2022 through December 2022.
The threats outlined in this report provide a huge opportunity for channel partners to better understand the attack vectors, and thereby provide strengthened value to customers.