Anti-Phishing Working Group Publishes Q2, 2018 Phishing Trends Report

The Anti-Phishing Working Group has released its Phishing Activity Trends Report for Q2, 2018. The report contains a summary and analysis of phishing attacks that were reported to APWG by its member companies and partners between April and June 2018.

The APWG quarterly reports provide insights into the latest phishing trends and show the extent of phishing attacks on businesses – Attacks aimed at getting employees to reveal their login credentials, visit malicious websites, and install malware and ransomware.

During Q1, 2018, the number of detected phishing sites increased each month from around 60,000 in January to approximately 110,000 in March. In Q2, there was a reverse of this trend with a monthly decline in phishing websites each month to a yearly low in June when there were 51,401 phishing sites detected. While this is certainly good news, June’s figures are still substantially higher than June 2017.

In addition to the decline in detected phishing sites there has also been a decline in the number of spoofed brands. 274 brands were spoofed in April, 285 were spoofed in May, but the figure fell dramatically to 227 spoofed brands in June.

In Q2, 2018 an average of 88,161 unique phishing email reports were sent to APWG by its customers. Throughout 2018 there has been little change in the number of reported phishing emails reported each month, with figures ranging between around 80,000 and 90,000 each month throughout the year.

APWG reports a significant increase in targeted attacks on software-as-a-service (SaaS) and webmail providers in Q2, 2018, which accounted for 21% of all phishing attacks. Cybercriminals are attempting to gain access to SaaS accounts, Office 365 for example, to steal sensitive corporate data. Webmail is a popular target because compromised email accounts can be used to send spam and further phishing messages.

While these attacks are on the rise, the majority of attacks are on payment processors, banks, and their customers. These attacks accounted for 52% of all phishing attacks in Q2, although there was a slight drop compared to Q1, 2018.

Figures from APWG contributor PhishLabs show the percentage of phishing sites that are protected by the HTTPS encryption protocol is continuing to rise, increasing from 33% of sites in Q1, 2018 to just over 35% of sites in Q2. That represents a considerable increase from Q4, 2016, when fewer than 5% of phishing sites used HTTPS and had SSL certificates. The rise mirrors the increase in genuine websites that now use HTTPS and have SSL certificates.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of