In 2022, a rapid succession of data breaches affected multiple prominent brands in the security sector, including Cisco, Okta and LastPass. These large-scale data breaches may be indicative of a cyclical trend that involves phishing, as such breaches can either initiate or contribute to future phishing attacks.
Alongside a rise in the number of organizations being targeted with credential phishing campaigns, global events over the past year have been leveraged by threat actors for monetary gain. A case in point is the development of a meticulously crafted credential phishing campaign, disguised as a donation to aid victims of the Russia/Ukraine conflict. In addition, the age-old password reset style phish is alive more than ever. There will always be attempts to convince the recipient their mailbox is full, and their password needs to be updated.