APWG Q2 Cybercrime Report: Phishing Sustains Elevated 'New Normal' Attack Volume Into the Middle of 2021

Attacks Remain Costly, and Rise against Cryptocurrency Companies

Phishing Sites, Q3 2020 - Q2 2021

The APWG's new Phishing Activity Trends Report reveals that phishing sustained near-record levels through the first half of 2021, after doubling over the course of 2020. APWG saw 222,127 attacks in June 2021, which was the third-worst month in APWG's reporting history.

APWG contributor OpSec Security found that the financial institution and social media sectors were the most frequently victimized by phishing in the second quarter. OpSec observed marked increases in phishing against brands of cryptocurrency companies, such as cryptocurrency exchanges and wallet providers, rocketing from 2 percent of all attacks in Q1 to 7.5 percent of all attacks in Q2.

Noted Stefanie Wood Ellis, Director, Product Management at OpSec Security: "OpSec continues to observe increases in vishing and smishing. Vishing is phishing advertised via voice messages, and smishing is phishing advertised in SMS messages. Smishing is becoming more common and is being used to attack organizations that are primarily mobile app-driven."

In related news, APWG contributing member Agari by HelpSystems found that Business E-mail Compromise (BEC) scams are becoming even more costly for victims. Agari found that in wire transfer BEC attacks in Q2, the attackers asked for an average of $106,000, up from $48,000 a year before. In May 2021, Agari also found, the percentage of payroll diversion BEC attacks surpassed wire transfer BEC attacks for the first time since September 2019.

Phishers continue to deploy encryption to fool users into thinking that phishing sites are legitimate and safe. APWG contributor PhishLabs found that in the second quarter of 2021, 82 percent of phishing sites had SSL encryption enabled. This number has decreased over two quarters, perhaps indicating that encryption has reached a maximum across the web.

Contributing member RiskIQ analyzed the use of domain names for phishing, and examined several specific phishing campaigns, while member Axur documented how phishing has declined in Brazil, illustrating how patterns of cybercrime can differ based on region and culture.

The full text of the report is available here: http://docs.apwg.org/reports/apwg_trends_report_q2_2021.pdf

About the APWG

Founded in 2003, the Anti-Phishing Working Group, (APWG) is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multilateral treaty organizations, research centers, trade associations and government agencies. There are more than 1,800 companies, government agencies and NGOs participating in the APWG worldwide. The APWG's www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the STOP. THINK. CONNECT. Messaging Convention, the global online safety public awareness collaborative https://education.apwg.org/safety-messaging-convention and founder/curator of the eCrime Researchers Summit, the world's only peer-reviewed conference dedicated specifically to electronic crime studies https://ecrimeresearch.org/ecrime-symposium. APWG advises hemispheric and global trade groups and multilateral treaty organizations such as the European Commission, the G8 High Technology Crime Subgroup, Council of Europe's Convention on Cybercrime, United Nations Office of Drugs and Crime, Organization for Security and Cooperation in Europe, Europol EC3 and the Organization of American States. APWG is a member of the steering group of the Commonwealth Cybercrime Initiative at the Commonwealth of Nations. Among APWG's corporate sponsors are: Accenture, Acronis, Afilias, AGARI, AhnLab, AT&T, Allure Security, AREA 1, AIT, Avast, Awayr AI, AXUR, Banelco CSIRT, Bolster, BrandShield, Browlser, ByteDance, Canva, CaixaBank, Check Point, Cisco, CLARO, Cloudflare, CLOUDMARK, COFENSE, Coinbase, Comcast, CSC, CSIRT BANELCO, CSIS, Cyan Digital Security, CYREN, Cyxtera, CZ.NIC, DigiCert, DNS Belgium, DomianTools, Entrust Datacard, ESET, Facebook, FirstRand, Fortinet, FraudWatch, GetResponse, GMS Securidad, GoDaddy Registry, Group-IB, Guidewire. Hitachi Systems, ICANN, Infoblox, Ingressum, IQ Global, iThreat, Kaspersky, KnowBe4, Lenos Software, LINE, Looking Glass, LSEC, Mailshell, McAfee, Microsoft, Mimecast, NAVER, Netcraft, NetSTAR, Noblis, Nominet, Opera, OpSec Security, Palo Alto Networks, PANDI, PayPal, PhishLabs, Proofpoint, Qintel, Rakuten, Recorded Future, Red Sift, REDIRIS, RiskIQ, RSA, SafeGuard Cyber, Salesforce, Secutec, SIDN, SlashNext, Sopos, SWITCH, Symantec, Thomsen Trampedach, ThreatSTOP, TNO, TrendMicro, Trustwave, Twilio, Vade, Verisign, Viettel Cyber Security, Webroot, workday, ZeroFOX, ZibaSec, ZIX, and zvelo.


For media inquiries related to the APWG, please contact APWG Secretary General Peter Cassidy ([email protected], +1.617.669.1123). 

Or for company-specific content related to this release, please contact: Stefanie Wood Ellis at OpSec Security ([email protected]);

Angela Tuzzo of Agari by HelpSystems ([email protected]); Eduardo Schultze of Axur ([email protected],+55 51 3012-2987);

Stacy Shelley of PhishLabs ([email protected], +1.843.329.7824);

Holly Hitchcock of RiskIQ ([email protected]).

Source: APWG


Tags: AML, BEC, cryptocurrency, cybercrime, infosec, malware, phishing, ransomware

Additional Images


View Website

Founded in 2003, the Anti-Phishing Working Group (APWG) is an international coalition of counter-cybercrime responders, forensic investigators, law enforcement agencies, technology companies, financial services firms, university researchers, NGOs and multilateral treaty organizations operating as a non-profit organization. Its directors, managers and research fellows advise national and sub-national governments as well as the United Nations (Office on Drugs and Crime) as recognized experts (as defined by the Doha Declaration of 2010 and Salvador Declaration of 2015) as well as multilateral bodies and organizations.

406 Waltham Street (246)
Lexington, MA 02421-7948
United States