Phishing rises, ransomware declines?

As highlighted in the latest APWG (Anti-Phishing working Group) Phishing Activity Trends Report, Q3/2022 saw a new record and the worst quarter for phishing ever observed.

However, it appears fewer companies were victimized by ransomware than at any point since early 2021. Although this is just a representative sample and a subset of attacks occurring worldwide, the trend is worth watching: a similar slowdown in attacks was reported by SonicWall and Coveware during mid-year 2022.

It appears the meltdown in cryptocurrency markets and some ransomware operations shutdowns (notably Conti), has impacted the ransomware-as-a-service business.

It remains to be seen if this is permanent trend or a temporary lull. One also hopes last year's highly publicized attacks have prompted organizations to step up defenses, including more widespread MFA implementation and raising security awareness.

APWG collects and analyzes phishing attacks and other identity theft techniques, as reported to the APWG by its member companies and research partners, as well as submitted through the organization’s website and by e-mail. APWG measures the evolution, proliferation, and propagation of identity theft methods.