According to the ‘Phishing Activity Trends Report’ newly published by the Anti-Phishing Working Group (APWG), 2016 was a piss-poor year.
The report suggests that, in fact, 2016 was the worst year for phishing attacks ever. With the total number of attacks totalling 1,220,523, this represents a 65% increase over the 2015 numbers.
The growth in phishing is put into even sharper perspective if you jump all the way back to 2004, when the APWG saw just 1,609 attacks per month across the fourth quarter of the year. Compare that to the fourth quarter of 2016 and the monthly average was 92,564. In percentage terms that’s an increase of 5,753% over 12 years. That’s the single biggest percentage figure our analysts have ever had to type here at IT Security Thing, and some of us have been at this game for more than 25 years!
So, are we surprised? Not a bit, truth be told. There are two consistent attack entry point methodologies being put to use by threat actors, pretty much regardless of the threat payload: DDoS and phishing. Although DDoS gets a lot of press for taking down large organisations, it’s more commonly used to disrupt much smaller businesses. Typically, we see DDoS attacks used as smoke screens to divert resources (security team eyes, essentially) from the real payload that is often data exfiltration elsewhere on the network.
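The smoke-screen pattern described above has a practical detection angle: while the security team is busy with the inbound flood, the thing to watch is outbound volume from internal hosts during the same window. The following is an added illustration, not code from the APWG report or from IT Security Thing, and it runs over constructed flow records (minute, direction, host, bytes) that are invented here for the example; the host names and the 10x thresholds are assumptions.

```python
"""Flag outbound transfer spikes that coincide with an inbound flood.

Added example (not from the article or the APWG report). The idea: a DDoS can
be cover for data exfiltration elsewhere, so find the minutes where inbound
traffic is far above baseline and then check whether any internal host pushed
an unusual volume outbound in exactly those minutes.
"""
from collections import defaultdict
from statistics import median

# Constructed sample flow records: (minute, direction, host, bytes).
# "in" = traffic arriving at the perimeter, "out" = traffic leaving from host.
# Hosts "web", "db01" and "ws07" are hypothetical.
FLOWS = [
    (0, "in", "web", 1_000_000), (0, "out", "db01", 50_000), (0, "out", "ws07", 80_000),
    (1, "in", "web", 1_100_000), (1, "out", "db01", 55_000), (1, "out", "ws07", 70_000),
    (2, "in", "web", 900_000),   (2, "out", "db01", 60_000), (2, "out", "ws07", 75_000),
    (3, "in", "web", 950_000),   (3, "out", "db01", 52_000), (3, "out", "ws07", 90_000),
    # Flood begins; db01 quietly ships data out while attention is on the web tier.
    (4, "in", "web", 40_000_000), (4, "out", "db01", 2_500_000), (4, "out", "ws07", 85_000),
    (5, "in", "web", 55_000_000), (5, "out", "db01", 3_100_000), (5, "out", "ws07", 60_000),
    (6, "in", "web", 48_000_000), (6, "out", "db01", 2_900_000), (6, "out", "ws07", 72_000),
    (7, "in", "web", 1_000_000),  (7, "out", "db01", 51_000),    (7, "out", "ws07", 88_000),
]


def bucket(flows):
    """Aggregate bytes per minute: inbound total, and outbound per host."""
    inbound = defaultdict(int)
    outbound = defaultdict(lambda: defaultdict(int))
    for minute, direction, host, nbytes in flows:
        if direction == "in":
            inbound[minute] += nbytes
        else:
            outbound[host][minute] += nbytes
    return inbound, outbound


def flood_minutes(inbound, factor=10):
    """Minutes whose inbound volume exceeds `factor` x the median minute (assumed threshold)."""
    base = median(inbound.values())
    return {m for m, b in inbound.items() if b > factor * base}


def exfil_candidates(outbound, flood, factor=10):
    """Hosts whose outbound volume during the flood is `factor` x their quiet baseline."""
    hits = {}
    for host, per_minute in outbound.items():
        quiet = [b for m, b in per_minute.items() if m not in flood]
        busy = [b for m, b in per_minute.items() if m in flood]
        if not quiet or not busy:
            continue  # no baseline or nothing sent during the flood: nothing to compare
        baseline = median(quiet)
        peak = max(busy)
        if peak > factor * baseline:
            hits[host] = {
                "baseline": baseline,
                "peak": peak,
                "minutes": sorted(
                    m for m in per_minute if m in flood and per_minute[m] > factor * baseline
                ),
            }
    return hits


def analyse(flows):
    """Return (sorted flood minutes, {host: details}) for the given flow records."""
    inbound, outbound = bucket(flows)
    flood = flood_minutes(inbound)
    return sorted(flood), exfil_candidates(outbound, flood)


if __name__ == "__main__":
    flood, hits = analyse(FLOWS)
    print("inbound flood during minutes:", flood)
    for host, info in hits.items():
        print(f"outbound spike from {host}: {info}")
```

The baseline is a median rather than a mean so a single burst does not drag the threshold up, and a host only counts if it has both quiet-period and flood-period records. On the constructed data the flood spans minutes 4 to 6 and `db01` is flagged, while `ws07` stays within its normal range.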