How Many Phishing Sites? Over 2 Million in 2020 (so far)
Google has flagged 2.02 million phishing sites since the beginning of the year, averaging forty-six thousand sites per week, according to researchers at Atlas VPN. The researchers note that the number of phishing sites peaked at the start of the year, which correlates with the start of the pandemic.
“Data also reveals that in the first half of 2020, there were two huge spikes in malicious websites, reaching over 58 thousand detections per week at the peaks,” the researchers write. “The second half of the year seems more stable, which is not a positive thing, as there are around 45 thousand new copy-cat websites registered every seven days.”
Atlas VPN says the number of new phishing sites has been steadily increasing each year since 2015, but it’s now higher than it’s ever been.
“To take a look at the wider perspective, Atlas VPN analyzed phishing site data since the first quarter of 2015,” the researchers explain. “Our findings revealed that the year 2020 is, in fact, the year with most new phishing sites to date. Even though 2020 is not yet at an end, it already has a record-high number of scam websites detected, amounting to 2.02 million sites, according to Google’s data. This was a 19.91% increase from 2019 when malicious site volume reached 1.69 million. The average year-by-year change in phishing websites reveals a 12.89% growth since 2015. Also, in 2020, all three quarters had more malicious site detections than any of the previous year’s quarters. The second quarter of 2020 has the highest number of phishing sites ever recorded, at over 635 thousand.”
The researchers attribute the spike in 2020 to the COVID-19 pandemic, as people are spending more time online and emotions are running high.
“It is quite easy to correlate the pandemic with the increase in phishing attacks, not only because of the increased internet usage but also due to the panic,” they write. “Panic leads to irrational thinking, and people forget basic security steps online. Users then download malicious files or try to purchase in-demand items from unsafe websites, in result becoming victims of a scam.”
Google and other companies do a good job of tracking down malicious sites, but attackers can easily scale their operations and set up new sites to stay ahead of efforts to shut them down. New-school security awareness training can enable your employees to spot these sites on their own.