Phishing kits have become more evasive and advanced over the last two years
A new report from Group-IB’s Computer Emergency Response Team (CERT-GIB) analyzed the evolution of phishing kits in 2022.
CERT-GIB identified 3,677 unique phishing kits in 2022, 25% more than in 2021. Key phishing trends observed by Group-IB are the increasing use of access control and advanced detection evasion techniques:
- Advanced detection evasion techniques were used by 2,060 kits observed in 2022 (26% more than a year earlier)
- CERT-GIB observed a 40% increase in the use of anti-bot technologies
- The most commonly used detection evasion technique was the directory randomization
- hypertext access (.htaccess) became the most popular basic evasive technique in 2022 – 20% of detected phishing kits employed this tactic (+80% compared to the previous year)
- Under half of the phishing kits from 2022 seen by CERT-GIB relied on email to handle stolen information with Gmail being the most preferred email service
- A continuing trend is the sustained popularity of Telegram for stolen data collection: 623 kits used Telegram (68% more than a year earlier)
Check out this infographic for an overview of the evolution of phishing kits in 2022.