PhishLabs Releases Q1 Threat Trends & Intelligence Report

Posted on May 26, 2021

Phishing Attacks Increase 47% in Q1

May 26, 2021, Charleston, SC – PhishLabs, the leading provider of Digital Risk Protection solutions, today released their Q1 Threat Trends & Intelligence Report. PhishLabs analyzed and mitigated hundreds of thousands of attacks targeting enterprise brands and employees in the first quarter of 2021. The report uses data from those attacks to determine key trends shaping the threat landscape.

The PhishLabs Q1 2021 Threat Trends & Intelligence Report is available to download.

“Phishing continues to grow in sophistication and frequency,” said John LaCour, Founder and CTO of PhishLabs. “Ecommerce and cryptocurrency platforms are being targeted more aggressively while social media and financial services continue to experience high attack volumes.”

Key findings of the Q1 Threat Trends & Intelligence Report include:

  • Phishing site volume outpaced Q1 of 2020 by 47 percent
  • 62 percent of phishing sites abused free online services and tools
  • 82.7 percent of phishing attacks used SSL certificates
  • ZLoader accounted for 62 percent of malware delivered by phishing emails
  • 44.5 percent of credential theft attacks reported by corporate email users targeted Office 365 account credentials

In addition to the findings above, PhishLabs observed significant growth in attacks targeting cryptocurrency accounts. This increase may be attributed to the sector’s rapid rise in popularity. The large potential payouts and perceived low risk from stealing cryptocurrency may also factor into the increase.

Furthermore, accounts commonly used for Single Sign On (SSO) were heavily targeted in Q1. Forty percent of phishing sites targeted social media, webmail, and other accounts that are often used to login to unrelated services. Once compromised, these accounts can be used to access other accounts that trust them.

PhishLabs Founder and CTO John LaCour will discuss key findings from the report on May 26 at 2PM ET. 

About PhishLabs

PhishLabs is a cyber threat intelligence company that protects against brand, account takeover, and data leakage threats. Founded in 2008, we deliver curated threat intelligence and complete threat mitigation across the digital risk landscape. The world’s leading brands and companies rely on PhishLabs to find and remediate external threats wherever they live.

Contact Us

Recent News

A PhishLabs report by security writer Brian Krebs was featured in a CNET article warning web users about HTTPS security fraud on the Internet.

Founder and CTO of PhishLabs John LaCour spoke with FBI Special Agent Davey Ware at the RSA Conference in San Francisco to talk about how vishing attacks work to defraud victims of their money and

Half of all phishing sites now have padlocks, but are anything but secure

Originally published in BLEEPINGCOMPUTER

Excerpt:

Charleston-based cybersecurity company is named a top employer in South Carolina.