Kroll details huge increase in phishing attacks during Q1 2022

A report by Kroll has detailed that there was a 54% increase in phishing attacks during the first quarter of 2022.

The company’s Threat Landscape Report gave the example of a case where a phishing email was sent to an IT department and click on by an end-user, who then entered their log-in credentials. With the threat actor having access to global admin credentials, they were able to gain system access and take over multiple important email accounts.

A payment was demanded, and the employees were targeted via text message, email and social media to pressure them into meeting their demands. No ransomware or encryption was used in the attack.

Meanwhile, the report detailed that the total number of recorded ransomware incidents fell by 20% in Q1. Email compromise and ransomware were the two most common threat incident types for the quarter, with the former increasing by 19% from the end of December.

Sectors such as manufacturing were heavily targeted, with the industry seeing a 33% increase in incidents, with 68% of those involving ransomware.

Kroll associate managing director for cyber risk Laurie Iacono said, “Employees are undoubtedly an important line of defence for any company. Security training programs need to enhance cyber awareness among employees and firms should encourage a culture where raising concerns and reporting suspicious issues is a positive thing. Our latest Kroll Threat Landscape Report underlines this more than ever, as in the last quarter employees faced not only phishing attacks but email compromises which lead to extortion or the introduction of malware.

“Of further note in the Kroll Threat Landscape report was the continued use of relatively recently exposed vulnerabilities. While 2021 will be remembered as the year of the vulnerability, 2022, particularly the first quarter, will go down as the year that threat actor groups such as ransomware gangs harnessed those vulnerabilities to launch more destructive attacks. For instance, while most activity around Log4j exploitation in Q4 2021 revolved around cryptominers, threat actors from multiple ransomware gangs leveraged the vulnerability to set the stage for network encryption in Q1 2022.”

Copyright © 2022 FinTech Global

Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research


The following investor(s) were tagged in this article.