A new report from cybersecurity firm Vade has found that phishing attacks increased by 102% quarter-over-quarter (QoQ) in Q1 2023. This marks the highest Q1 total since 2018, and experts are warning of the sustained supply of phishing attacks spoofing the brands and productivity suites of Microsoft and Google. These attacks exploit the perceived legitimacy of these organizations, with one detected by Vade in March 2023 using legitimate YouTube attribution links and a Cloudflare CAPTCHA to evade detection. This tactic could bypass email filters that scan for suspicious redirects.
Vade detected 562.4 million phishing emails in Q1 2023, exceeding the previous quarter’s total by 284.8 million. January accounted for the highest volume of phishing emails in Q1, with 488.5 million, more than five times the combined total of February (26.6 million) and January (47.3 million). Malware volumes declined QoQ, falling 7% and accounting for 52.3 million emails, a 13% decrease from the same period last year.
A new phishing campaign detected by Vade in March 2023 combines several sophisticated techniques to compromise victims’ cryptocurrency wallets. This includes exploiting Google Translate to bypass detection from email security tools, using JavaScript and CSS to obfuscate phishing pages, and leveraging the Interplanetary File System (IPFS) Decentralized Network to host a phishing kit. Victims receive an email impersonating the Wallet Connect, an application for connecting mobile cryptocurrency wallets to decentralized applications. After clicking a malicious link, they get directed to a page claiming to verify they’re not a robot. The page then displays a phishing page, and if the user clicks “Connect Wallet,” a new page lists 21 spoofed cryptocurrency wallets the victim can connect to.
Email is the top distribution method for phishing and malware, giving hackers the ability to leverage a wide range of legitimate services and techniques to increase the scale, perceived legitimacy, and overall effectiveness of their attacks. To stay protected, experts suggest organizations should boost cyber hygiene with phishing awareness training and supplement native email security with layered protection from an integrated, third-party solution.
###