Phishing Landscape 2022

A Study of the Scope and Distribution of Phishing

Phishing remains a significant threat to millions of Internet users. Phishing attacks lure victims to a web site that appears to be run by a trusted entity, such as a bank or a merchant. The web site, however, is a deception, and the site’s content is designed to persuade a victim to provide sensitive information.

Our studies illustrate that phishing is a highly profitable, constantly evolving and expanding industry.

Phishers acquire resources cheaply and in virtual anonymity to commit fraud or theft with little risk of identification or apprehension.

Phishing leverages Internet resources, exploits vulnerable technologies, and takes advantage of policy and legislative regimes that are siloed and, by our measurements and analyses, ineffective.

Using data collected at the Cybercrime Information Center, Interisle Consulting Group studied how phishers acquire and use Internet resources for these purposes. In this report, we ask and answer, “How much phishing is taking place?, “Where it is taking place?”, and “What targets are attractive to phishers?”

In our 2022 study, we add biennial measurements and analyses and consider questions like, “How do the yearly trends for phishing attacks, domain names used for phishing, etc., compare to biennial trends?” and “Are phishers “doing business” at the same registry, registration, or hosting services year after year?”

Among the major findings…

Over 1.1 million phishing attacks identified, a 61% increase over the May 2020 to April 2021 period.

854,000 phishing domain names reported, a 72% increase over the May 2020 to April 2021 period.

Domains registered in the new TLDs continue to be used disproportionately for phishing

86% of phishing attacks reported against the top 10 ASNs are hosted on IP addresses in the US.

You may read an Executive Summary of the Report or the complete Report at Interisle.net.