NEW DELHI: India ranked as the third-largest country globally for phishing attacks after the US and UK, with its technology sector facing nearly 33 per cent of all such strikes, marking it as the most targeted industry, according to a report.
The report by cybersecurity firm Zscaler showed a 60 per cent rise in global phishing attacks over the past year.
The ThreatLabz 2024 Phishing Report gathered insights from 2 billion blocked phishing transactions between January and December 2023.
“In 2023, India ranked as the third-largest country globally for phishing attacks, following behind the US and UK. The technology industry in India faced nearly 33 per cent of all phishing attacks, marking it as the most targeted sector among industries,” the report said.
The finance and insurance sector has become the prime target for cyber attackers and witnessed the highest number of phishing attempts in 2023, it added.
“The finance and insurance sector experienced both the highest number of phishing attempts and the most significant increase in attacks, rising 393 per cent compared to the previous year.
“The increasing reliance on digital financial platforms provides ample opportunities for threat actors to carry out phishing campaigns and exploit vulnerabilities in this sector,” the report said.
It was followed by the manufacturing industry, which saw a 31 per cent uptick in phishing attacks between 2022 and 2023.
Increasing adoption of AI technology by these sectors makes them even more ‘lucrative targets’ for phishing schemes, given the increased reliance on data, the report said.
In 2023, phishing scams targeted the United States (55.9 per cent), United Kingdom (5.6 per cent), and India (3.9 per cent) the most. India experienced over 79 million phishing attacks, making it the third most targeted country, it noted.
“The advancement of the nation’s digital infrastructure, growing population of internet-connected users and extensive use of online financial transactions has undoubtedly led to an escalation in numbers and sophistication of phishing attacks in the nation.
“As threat actors find new malicious means to extract and steal user data, steps are being taken by the Indian government, such as the implementation of the Digital Personal Data Protection Act, to help circumvent the proliferation of such attack vectors,” said Sudip Banerjee, CTO, Asia Pacific & Japan at Zscaler.
Microsoft emerged as the top imitated enterprise brand in 2023, with Adobe, Amazon, and Google also on the list.
Telegram, with 7,92,883 phishing hits, topped the list of most exploited social media platforms worldwide, followed by Facebook (5,32,243 phishing hits) and WhatsApp (3,78,968 phishing hits).
While AI makes entities vulnerable to cyber attacks, it also aids cybercriminals by easing the work for them.
“LLMs have made it significantly easier for cybercriminals, even with relatively little coding experience, to carry out multiple stages of a sophisticated phishing attack,” the report said.