2022 ThreatLabz Phishing Report

Phishing has long been one of the most pervasive cyberthreats, and it grows every year. According to the FBI’s Internet Crime Complaint Center (IC3), phishing reported the most victims nationally in 2020, and according to the 2021 Verizon Data Breach Investigations Report, 35% of all data breaches involved scams trying to steal people’s sensitive information or login credentials. Phishing did not slow down in 2021: the Zscaler ThreatLabz research team saw a 29% increase in phishing attempts globally over the course of 2021 based on data from billions of blocked attacks across the Zscaler cloud.

Phishing is rising for multiple reasons. As organizations increase their malware and exploit prevention capabilities, attackers turn to social engineering tactics to steal login credentials and successfully compromise organizations. Human adversaries—particularly those with valid credentials—are much harder to detect and stop.

Additionally, more and more automated tools are being developed to make phishing much easier and more accessible to attackers with limited technical knowledge. Phishing kits in particular have played an important role in the rise of phishing activity. Sourced from black markets, phishing kits are bought, leased, or made available for free, and contain everything required to wage an effective low effort email or web-based phishing attack.

ThreatLabz analyzes data from over 200 billion daily transactions and 150 million daily blocked attacks in order to identify emerging threats and improve protections for Zscaler customers.

In this report, ThreatLabz looked at a year’s worth of global phishing data from the Zscaler cloud to identify key trends, industries and geographies at risk, and emerging tactics. In this report, we will share ThreatLabz findings and provide best practices guidance on how you can better identify and protect yourself against phishing attacks.