Publication

Phishing Activity Trends Report Q4 2020

About

Publication date: 2021

Author: Anti Phishing Working Group (APWG)

Type

The APWG Phishing Activity Trends Report analyzes phishing attacks reported to the APWG by its member companies, its Global Research Partners, through the organization’s website at https://apwg.org, and by e-mail submissions to reportphishing@antiphishing.org. APWG also measures the evolution, proliferation, and propagation of crimeware by drawing from the research of our member companies.

Summary of report:

  • The number of phishing attacks observed by APWG and its members grew through 2020, doubling over the course of the year.
  • Business e-mail compromise scams are becoming more costly for victims. The average wire transfer request in BEC attacks increased from $48,000 in Q3 to $75,000 in Q4.
  • The financial institution, webmail, and SaaS site category was the one most frequently victimized by phishing in this quarter.
  • Phishers are using an array of deception techniques to fool users. These include domain names chosen to avoid detection (pp. 7, 9 and 12), encryption designed to lull victims into a false sense of security (p. 11), and deceptive email addresses used to spoof trusted companies and business contacts.