83% of Infosec Pros Reported Phishing in Global Survey
In January, we released our 2019 State of the Phish Report, which includes detailed phishing statistics based on multiple data sources, including nearly 15,000 responses to quarterly surveys sent to our database of infosec professionals throughout 2018. Our findings include:
83% of global infosec respondents experienced phishing attacks in 2018, an increase from 76% in 2017.
In 2018, reports of credential compromise rose 70% over 2017, and they’ve soared 280% since 2016.
The 2019 report — our fifth annual — has been significantly expanded, offering more data and analysis than ever before. Download your copy for the full results of our global surveys (including regional data comparisons); how users across 16 industries perform on simulated phishing tests; and the ways organizations can use threat intelligence and their security awareness training data to identify and address the riskiest users and departments.
50% of Phishing Sites Now Using HTTPS
As we reported in January, the latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) reveals that the number of phishing attacks reported in Q3 2018 (270,557) remained steady compared to Q1 and Q2. But other insights suggest that’s no cause for celebration:
Nearly 50% of phishing sites are using HTTPS encryption — a 40% increase over the previous quarter alone, and a nearly 900% increase since the end of 2016.
Phishing sites are increasingly using web page redirects to avoid detection.
286 brands were targeted in September 2018, the most seen in a month since November 2017.
The online payment sector was the most targeted by phishing in Q3 2018, followed by SAAS/webmail and financial institutions.