Retail sector named top target of phishing attacks

According to the FBI Internet Crime Complaint Center (IC3), phishing attempts are the most-reported type of cyberattack. With a 29% increase in phishing attacks compared to previous years, the retail and wholesale sector has been highly targeted.

The 2022 ThreatLabz Phishing Report from Zscaler reviews 12 months of global phishing data from the organization's security cloud to identify key trends, industries and geographies at risk, and emerging tactics. The researchers analyzed data from more than 200 billion daily transactions and 150 million daily blocked attacks in order to identify emerging threats and track malicious actors from across the globe.

Current trends in phishing

Cybercriminals use current events, such as the COVID-19 pandemic, cryptocurrency or the Russian invasion of Ukraine, to convince unwitting victims to hand over confidential data, such as passwords, credit card information and login credentials.

The report found that phishing attacks lure victims by posing as top brands or promoting topical events. The top phishing themes in 2021 included categories such as productivity tools, illegal streaming sites, shopping sites, social media platforms, financial institutions, and logistical services.

Phishing attacks were also not evenly distributed across different industries. Retail and wholesale businesses experienced an increase of over 400% in phishing attempts — the most out of all tracked industries. These businesses were followed by financial and government sectors, with organizations in these industries seeing over 100% increases in attacks on average. However, some industries experienced partial relief from phishing attacks last year. Healthcare saw a notable drop of 59%, while the services industry saw a decline of 33%.

Preventing successful phishing attacks

Facing the cybersecurity threat of phishing can be daunting, and while it's impossible to eliminate phishing risk, effective management can prevent business-critical information from falling into the hands of cybercriminals. Security leaders can employ the following tactics for countering phishing growth:

Learning and understanding the risks posed by phishing to better inform policy and technology decisions
Delivering timely employee training to build security awareness and promote user reporting
Simulating phishing attacks to identify gaps in security policies and procedures
Evaluating security infrastructure to ensure access to the latest research and system capabilities

For more information, download the report.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

Retail sector named top target of phishing attacks

Current trends in phishing

Preventing successful phishing attacks

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Retail sector named top target of phishing attacks

Current trends in phishing

Preventing successful phishing attacks

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.