Press release

APWG Reviews Phishing in 2019: Record Highs and Phishing Attacks Against Social Media Sites Continue to Grow

Sponsored by Businesswire

According to the APWG’s new Phishing Activity Trends Report, the number of reported phishing attacks stabilized closer to the statistical mean at the end of 2019, after a record breaking third quarter. The total number of phishing sites detected by APWG worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019.

Most menacing, however, were targeting trends exhibited by cybercrime gangs focusing on: users of web-hosted email and social media to multiply the numbers of potential victims; and Business Email Compromise (BEC) schemes of increasing sophistication to exploit key executives’ broader access to corporate resources – and greater payments authority.

By most other measures, 2019 was one of the most dangerous years on record for online users. During the course of 2019, the number of phishing incidents in Brazil increased 232 percent. APWG member company Axur recorded these attacks against Brazilian brands and services that are available in Portuguese in Brazil, noting an increase around the Black Friday shopping weekend. Similarly, APWG member company Agari recorded criminals perpetrating Business Email Compromise (BEC) attacks and using gift cards to cash out during the holiday shopping season.

APWG contributor OpSec Security saw attacks against more than 325 different brands (companies) per month in Q4. Stefanie Wood Ellis, Anti-Fraud Product & Marketing Manager at OpSec Security, noted that the most frequent targets of phishing attacks continued to be Webmail, payment, and bank sites, but that “Phishing against Social Media targets grew every quarter of the year, doubling over the course of 2019.”

The researchers at APWG member PhishLabs documented the rising use of SSL certificates on phishing websites. Almost three-quarters of all phishing sites now use SSL protection. This was the highest percentage since tracking began in early 2015, and is a clear indicator that users can’t rely on SSL alone to understand whether a site is safe or not. Also in this quarter’s Trends report: APWG member RiskIQ analyzes where phishers register domains for their nefarious purposes.

The full text of the report is available here:

About the APWG

Founded in 2003, the Anti-Phishing Working Group (APWG) is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multilateral treaty organizations, research centers, trade associations and government agencies. There are more than 1,800 companies, government agencies and NGOs participating in the APWG worldwide. The APWG’s <> and <> websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the STOP. THINK. CONNECT. Messaging Convention, the global online safety public awareness collaborative <> and founder/curator of the eCrime Researchers Summit, the world’s only peer-reviewed conference dedicated specifically to electronic crime studies <>. APWG advises hemispheric and global trade groups and multilateral treaty organizations such as the European Commission, the G8 High Technology Crime Subgroup, Council of Europe’s Convention on Cybercrime, United Nations Office of Drugs and Crime, Organization for Security and Cooperation in Europe, Europol EC3 and the Organization of American States. APWG is a member of the steering group of the Commonwealth Cybercrime Initiative at the Commonwealth of Nations. Among APWG’s corporate sponsors are: AhnLab, Area 1, AT&T (T), Afilias, Allure Security, Amazon Web Services (AMZN), AnchorFree, Avast!, AVG Technologies, Axur, Baidu Antivirus, BANDURA Systems, Bangkok Bank, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, CSC Digital Brand Services, Check Point Software Technologies, CipherTrace, Claro, Cloudmark, Cofense, coinbase, Comcast, CrowdStrike, CSIRTBANELCO, Cyxtera, Cyber Defender, CYREN, DNS Belgium, DigiCert, Domain Tools, Donuts, Duo Security, Easy Solutions, PayPal, eCert, EC Cert, ESET, EST Soft, Facebook (FB), FeelSafe Digital, FEBRABAN, Fortinet, FraudWatch International, F-Secure, GetResponse, GlobalSign, GoDaddy, Google (GOOGL), Hauri, Hitachi Systems, Ltd., Huawei, Hyas, ICANN, Identity Guard, Illumintel, Infoblox (BLOX), IronPort (Cisco), Ingressum, Intel (INTC), Interac, IT Matrix, iThreat Cyber Group, iZOOlogic, Kaspersky Lab, KnowBe4, LaCaixa, Lenos Software, LINE, LookingGlass, MX Tools, MailChannels, MailJet, MailChimp, MailShell, MailUp, Microsoft (MSFT), MicroWorld, Mimecast, Mirapoint, NHN, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar (NSR), Nominet, Nominum, NZRS Limited, OpSec Security, PARENTHETIC, Public Interest Registry, Phishlabs, PhishMe,, Prevalent, Prevx, Proofpoint, PSafe, RSA Security (EMC), Rakuten, RedMarlin, Return Path, RiskIQ, RuleSpace, SalesForce, SecureBrain, SegaSec, SendGrid, S21sec, SIDN, SLASHNEXT, SilverPop, SiteLock, SnoopWall, SoftForum, SoftLayer, SoftSecurity, SOPHOS, SunTrust, SurfControl, Symantec (SYMC), TDS Telecom, Telefonica (TEF), ThreatSTOP, TransCreditBank, Trend Micro (TMIC), Trustwave, UITSEC, Vasco (VDSI), VADE-RETRO, VeriSign (VRSN), VILSOL, Webroot, Wombat Security Technologies, ZIX, and zvelo.