CybersecurityManagementSecurity NewswireTechnologies & SolutionsLogical SecurityCybersecurity News

2022 saw a 61% increase in the rate of phishing attacks

By Security Staff
green computer chip

Image via Pixabay

March 14, 2023

An SaaS report analyzed new threat vectors and potential security gaps in SaaS applications. The report assesses key areas of security concern, such as from where attacks are originating, tactics most frequently used by bad actors, common events and alerts and threat vectors that organizations need to be aware of to proactively protect their business critical assets from an attack and breach. 

The report also examines the inherent issues and complexities regarding the accelerated rate of SaaS application adoption and concerns with cybersecurity threats and gaps from external threats such as hackers and internal insider threats caused by employee or contractor negligence, misconfiguration of SaaS security controls, unsafe cybersecurity practices and human error.

Key findings include:

53% of all attempted unauthorized logins originated from China, Vietnam, India, Brazil and Korea. This year's report saw a notable decline in attempts from Russia. On average, there were approximately 40,000 brute attacks per day against user accounts monitored.

2022 saw a 61% increase in the rate of phishing attacks compared with 2021. The study also revealed that cybercriminals shifted their attacks to mobile and personal communication channels to reach users, and showed a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.

Outside approved locations accounted for over 55% of the most common critical alerts and occurred when there was a successful login to a user account from outside of an approved location or an approved IP address range. While this alert can be a false flag due to misconfiguration of approved locations or unexpected user travel, it is a serious alert, indicating a significant probability that a malicious actor has succeeded in compromising an account.

Salesforce and Slack generated the most critical alerts on a per-user/per-alert basis. Of all logged Salesforce events, over 8% of those events were critical alerts compared to 3.77% for Slack, 1.82% for Google Workspace and 1.26% for Office 365.

Compared to last year's data, the report found a 29% increase in the number of guest user accounts, which can have access to sensitive data and open access points for bad actors. Of the over 979,840 SaaS accounts monitored by SaaS Alerts in 2022, 54% were from guest user accounts versus licensed users.

Download the  SASI Report here

KEYWORDS: data privacy phishing attack saas threat actor user authentication

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Related Articles

Related Products

See More ProductsSee More Products

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
View AllSubmit An Event

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!