• by Ray Schultz , October 18, 2018

Phishing volume fell from the first quarter of 2018 to the second quarter, but was far higher than it was during the final quarters of 2017, according to the latest Phishing Activity Trends Report from APWG.

The total number of phishing incidents was 233,040 in the second quarter -- down from 263,538 in the first quarter, but higher than the 190,942 reported in third-quarter 2017 and the 180,577 seen in the fourth quarter last year.

The number of phishing sites detected hit a spike in March, falling to a monthly low for the year in June. The total of unique phishing emails dipped in May, but jumped up again a month later.  

The most targeted sectors were payment (36%) and SAAS/webmail (21%, compared with 18.7% in the first quarter) and financial institutions (16%). In addition, 9% of the attacks hit the cloud storage/file hosting vertical (down from 11.3% in Q1), 4% social media and 14% other.

APWG also reports that 35%of the phishing attacks were hosted on web sites with HTTPS and SSL certificates. 

Brazilian e-commerce sites suffered a high number of attacks in April, due to the FIFA World Cup event.