The state of phishing in 2022

8 minutes reading

You might believe that phishing is an old issue that everyone knows about, unfortunately the threat continues to evolve. In order to stay protected, it pays to be aware of the new trends. What does phishing look like in 2022 and how do you protect your business from it?

This is an audio version of the article:

Did you like it? Let us know what you think about this initiative by completing a 2-min survey.

Phishing has been with us ever since the 1990s, and to this day, a lot has been said about this common threat – how to recognise phishing, how to train your employees to protect their own as well as their employer’s devices, and much more. Nowadays, both companies and individuals have largely become aware of the issue, yet still, the number of phishing attacks continues to rise, making it apparent that even today, cybercriminals view it as a productive way of getting what they desire. How is that possible?

Graph showing the surge of phishing attacks in 2022

1. Phishing adapts to the global situation

To achieve their goals, cybercriminals need to ensure that their victims will cooperate with their demands – and if they decide to hide their malicious intentions behind the context of the moment, it is more probable that they will succeed. Throughout a calendar year, cybercriminals make use of various events: for instance, at the beginning of a school year, they send phishing e-mails to parents, pretending they are official messages from educational institutions.

For instance, dramatic events of the last 2-3 years have been abused by cybercriminals to hide their aims and appeal to the human sense of fear, panic or desire to help those in need. ESET’s T1 2022 Threat Report explains that “the war [in Ukraine] has been noticeably exploited by spam and phishing threats. Immediately after the invasion on February 24, scammers started to take advantage of people trying to support Ukraine, using fictitious charities and fundraisers as lures.”

Apart from the war, “other phishing lures mention updated COVID-19 travel restrictions, an approved regional aid map for Greece, and a Regulation of the European Parliament and of the Council.” Using these issues as themes in their phishing attempts, cybercriminals try to lure those who are distressed by the situation, who want to help, or who simply believe that criminals wouldn’t go as far as using other people’s trauma for their own benefit.


2. Phishing changes its mask

Cybercriminals continue to change the type of websites they use as cover for their phishing attempts. According to ESET’s T1 2022 Threat Report, “websites masquerading as email services and gaming platforms were on the rise this period, the former increasing by 54% and the latter by a remarkable 291% in numbers of URLs seen. […] Although not placing in the top 10 categories, there was a notable 126% increase in travel-themed phishing URLs. These were almost exclusively represented by Airbnb copycats […].”

Additionally, phishing attempts at .com domains often use famous and trustworthy names in order to confuse and lure victims. Amongst the 10 most common .com domains used for phishing, Cofense names Google, Adobe or (Microsoft) SharePoint. When users see these trusted companies or products, they may be quick in believing in their legitimacy.

Graph showing the most popular phishing websites categories

3. More sophisticated forms of phishing are on the rise

Many people still don’t realise that phishing does not equal e-mails with poor grammar. Phishing can have many forms and be quite sophisticated. Additionally, new forms of phishing continue to surface. Here are a few phishing types to be aware of in 2022:

4. Old threats continue to work

As the previous point suggests, the evolution of phishing makes it necessary for potential victims to keep up with the new trends and continuously improve their education on the variety of threats they may encounter. But still, even the traditional forms of phishing, which may shock you with their apparent deceit, continue to lure new victims.

At the beginning of 2022, Tripwire shared: “In 2022, it is somewhat unbelievable that ‘Nigerian Prince’ response-based attacks have increased by 3.3%. The fact that this decades-old scam still exists is almost breath-taking. Prior to the internet, these scams were transmitted via fax machines. Unfortunately, the [Agari and PhishLabs] report does not indicate the success rate of these scams, but their continued existence would suggest that they are still effective.” This seemingly humorous reminder proves that until security technology and efficient education work together, even the most rudimentary threats will represent a risk to digital safety.