State of Phishing report reveals over 255 million attacks in 2022

SlashNext analyzed billions of link-based URLs, attachments and natural language messages across email, mobile and browser channels over six months in 2022 and found over 255 million attacks, a 61% increase in the rate of phishing attacks compared to 2021. The latest findings from the State of Phishing report highlight that some security strategies are struggling to stop threats as malicious actors increasingly launch in addition to attacks from trusted services and work and personal messaging apps.

Key findings of the report include:

  • Hackers are turning to mobile and personal communication channels to reach employees. SlashNext saw a 50% increase in attacks on mobile devices, with scams and credential theft topping the list of payloads.
  • 80% increase in threats from trusted services such as Microsoft, Amazon Web Services or Google, with almost a third (32%) of all threats now hosted on trusted services.
  • 54% of all threats detected were zero-hour threats, showing how hackers are changing their tactics in real time to improve their success
  • 76% of threats were targeted phishing credential harvesting attacks
  • Top 3 sectors of attack are healthcare, professional and scientific services, and information technology

The way people work today has increased users’ exposure to cyberattacks and threats that organizations already face. Hackers have turned their attention to some of the least protected places to launch attacks, including SMS, Slack, WhatsApp, etc. This trend, combined with employees increasingly using the same devices for work and personal purposes, has accelerated phishing across multiple channels.

Current security tools and processes, such as security awareness training, reputation-based technologies, and relational graphs, cannot keep pace with many of these new attack trends. Organizations need to move from traditional security practices and next-gen tools to a modern security strategy, including robust AI phishing controls that address all variants of phishing attacks and provide a wide range of protections.

SlashNext protects the modern workforce from malicious messaging across all digital channels with an integrated cloud-based messaging security platform that uses patented artificial intelligence technology with 99.9% accuracy. SlashNext detects threats in real time to stop instant threats in email, mobile and web apps on M365, Gmail, LinkedIn, WhatsApp, Telegram, Slack, Teams and other messaging channels. Take advantage of SlashNext’s built-in cloud email security for email, browsers and mobile devices to protect your organization against data theft and financial fraud today.

To participate in the discussion, attend The State of Phishing webinar on November 17 at 11:00 a.m. PT Register here:

The State of Phishing report reveals over 255 million attacks in 2022 first appeared on SlashNext.

*** This is a syndicated blog from SlashNext’s Security Bloggers Network written by Lisa O’Reilly. Read the original post at:

Amanda J. Marsh