Phishing Trends and Intelligence Report Published by PhishLabs

PhishLabs, a leading provider of phishing defense solutions, has published its Phishing Trends and Intelligence Report for Q1, 2017.

The report shows that cybercriminals have changing tactics and targets in the first quarter of 2017, attacking different industries with different methods compared to the previous quarter.

PhishLabs CEO Tony Price said, “The first quarter of 2017 shows just how quickly the phishing threat landscape can change as threat actors shift who they target and how.”

While the healthcare sector has been a major target in 2016, in Q1, 2017 the majority of phishing attacks were conducted on five other industry sectors. PhishLabs reports that 88% of phishing attacks were conducted on financial institutions, e-commerce companies, cloud storage/file hosting companies, webmail/online services and payment services. It is the latter industry that has seen the biggest change in targeted attacks, registering a 76% increase in phishing attacks year over year.

Cloud storage providers were heavily targeted in the final quarter of 2016, although phishers are now favoring other industries. Phishing attacks on cloud storage providers fell by 25% quarter over quarter.

There was also a marked increase in the number of phishing attacks in Q1, 2017, with 20% more phishing emails sent than in the previous quarter.

The first quarter of 2017 saw an increase in phishing attacks on organizations with the aim of obtaining the tax information of employees, although PhishLabs reports there was a 63% decline in IRS phishing scams compared with the first quarter of 2016.

There has also been a marked increase in phishing attacks targeting social media users while SaaS companies are increasingly coming under attack, registering three times the number of attacks as Q1, 2016.

More companies have started using SSL certificates on their websites; however, phishers are similarly switching to SSL. 10% of all phishing sites identified in Q1, 2017 had SSL certificates. Just because a site starts with HTTPS it does not mean the site is genuine and is not a phishing website.

The data for the phishing trends and intelligence report was sourced from the company’s intelligence software. PhishLabs analyzed more than 143,000 confirmed malicious websites that were being used for phishing attacks in the first quarter of 2017 alone and was able to block 25,000 phishing attacks.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of