Report: Phishing attacks jump 61% in 2022, with 255M attacks detected

>>Don’t miss our special issue: How Data Privacy Is Transforming Marketing.<<

According to the latest annual State of Phishing report from SlashNext, there has been an 80% increase in phishing threats originating from accounts on trusted services such as Microsoft, Amazon Web Services or Google, with nearly one-third (32%) of all threats now being hosted on trusted services. 

Additionally, the report found more than 255 million attacks in 2022 – a 61% increase in the rate of phishing attacks compared to 2021.  

The report data is taken from a sample of threats detected by SlashNext security products. SlashNext analyzed over a billion link-based, malicious attachments and natural language threats scanned in email, mobile and browser channels over six months in 2022. The findings highlight a dramatic increase in phishing scams, as well as a new surface of tactics, as hybrid work and the use of personal mobile devices for work continue to be a trend.

For example, the report found that 76% of the attacks found in 2022 were credential harvesting, which is still the number one cause of breaches. Additionally, 54% of threats detected by SlashNext in 2022 were zero-hour attacks, representing a 48% increase in zero-hour threats from the end of 2021.

SlashNext’s research findings indicate that organizations must move from traditional security practices and last-generation tools to a modern security strategy including robust artificial intelligence (AI) phishing controls that address all variations of phishing attacks and provides a broad range of protections. 

Read the full report from SlashNext.