Security researchers have recorded a 62% year-on-year (YoY) increase in phishing websites and a 304% surge in scam pages in 2022.
Group-IB’s new Digital Risk Trends 2023 report out today classifies phishing as a threat resulting in the theft of personal information and a scam as any attempt to trick a victim into voluntarily handing over money or sensitive information.
It found that the average number of instances in which a brand’s image and logo was appropriated for use in scam campaigns increased 162% YoY, rising to 211% in APAC.
Read more on scams: Giant Investment Scam Network Targets Victims with Phone Calls
In total, Group-IB detected a 304% YoY increase in scam resources using the name and likeness of legitimate brands in 2022. Financial services was the most targeted sector (74%) followed by lotteries (12%), oil and gas (5%), and retail (3%). Financial services and social media were also the two most commonly phished industries.
The report claimed the increase in phishing and scam activity could be traced to the growing use of automation and social media in campaigns. The former trend will continue going forward with the use of AI text generators to craft convincing phishing and scam copy, Group-IB claimed.
In Europe, half (48%) of scams detected by the threat intelligence firm in 2022 were spread via messaging apps, whereas in APAC (76%) and MEA (92%) the majority were disseminated on social media.
“Scam campaigns are not just affecting more brands each year, but the impact that each individual brand faces is growing larger as well. Scammers are using a vast amount of domains and social media accounts to not only reach a greater number of potential victims, but also evade counteraction,” explained Group-IB operations director, Vladimir Kalugin.
“Scams are also becoming more automated, as the ever-increasing number of new tools available to would-be cybercriminals has lowered the barrier of entry. We expect to see AI also play a greater role in scams in the future.”