Few threat actors are inspired by political leaders, some others by mischief or malice, but most of them are only I'm the game for cash and money. To make sure the criminal activities are making a profit, balance bus required between potential payday running against time, risk, and the resources required. It's no surprise that many people use phishing scams as their go-to attacks, harmful emails can be used to attack many targets without much difficulty, threat actors can buy easily available phishing kits that work as a basic prerequisite for everything the hackers need for a campaign.
After thorough research of phishing email traffic, experts found that most of these attacks follow the cash either to big financial firms or big tech companies. Apple, Facebook (now Meta), and Amazon were among the top brands targeted with the phishing campaign. "On the financial side, Charles Schwab was by far the most popular target, and was the most used brand URL overall, accounting for 13.5 percent of all cases. Chase Bank – an American subsidiary of JP Morgan Chase & Co – RBC Royal Bank and Wells Fargo were also widely used in phishing URLs," reports Helpnet security.
The top trend experts noticed was using of mobile technology for these phishing attacks like WhatsApp, SMS, and other services. Threat actors have also been using these techniques as a response to strict email security solutions. A mobile technology is said to be less secured compared to a desktop endpoint when it faces a phishing attack. Even if the mobile has a business email app, mediums like Whatsapp and SMS will escape any anti-phishing security that the device has.
Cybercriminals might also combine mobile messaging and emails in a single attack, for instance, sending a phishing mail including QR code which is scanned by a mobile, doing so results in escaping detection and reaching the mobile endpoint. "Mobile-based phishing attacks are also harder to identify due to mobile devices’ smaller screen and simplified layout, compounding the lack of security solutions on mobile," reports Help Net Security.