Home M3AAWG Blog Phishing Activity Doubles from 2020; SaaS and Webmail Most Victimized, Says Q3 2021 Report

The Q3 2021 Phishing Activity Trends Report has been published. The report includes data and analysis of phishing attacks as reported to the APWG by its member companies, its global research partners, through the organization’s website at https://apwg.org, and by e-mail submissions to reportphishing@antiphishing.org

APWP sources define phishing as “…a crime employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. “

From the report, available at http://apwg.org/trendsreports/:

APWG saw 260,642 phishing attacks in July 2021, which was the highest monthly in APWG’s reporting history. 

The number of phishing attacks has doubled from early 2020.

The software-as-a-service and webmail sector was the most frequently victimized by phishing in the third quarter, with 29.1% of all attacks.

Attacks against financial institutions and payment providers continued to be numerous, and were a combined 34.9% of all attacks.

Phishing against cryptocurrency targets – cryptocurrency exchanges and wallet providers – settled at 5.6% of attacks.

The number of brands being attacked has risen during 2021, from just over 400 per month to more than 700 in September.

Phishing attacks in Brazil rose, from 4,275 in Q2 to 7,741 in Q3.

APWG is a partner with M3AAWG.  M3AAWG has published a number of best practices addressing email, including M3AAWG Best Practices for Sending Mandated Emails to Large Audiences, 2020 M3AAWG Email Authentication Recommended Best Practices and many others. Learn more at https://www.m3aawg.org/published-documents.


The views expressed in DM3Z are those of the individual authors and do not necessarily reflect M3AAWG policy.