2018 Q4 – Phishing Activity Trends Report


  • The number of confirmed phishing sites declined as 2018 proceeded. Detection of phishing sites has become harder because phishers are obfuscating phishing URLs with multiple redirections.
  • Phishing that targeted SaaS and webmail services doubled in Q4.
  • The number of phishing attacks hosted on Web sites that have HTTPS and SSL certificates declined for the first time in history.
  • In Brazil, phishers offered Black Friday sales “specials” to their criminal brethren.
  • Phishing remains most prevalent in the old, large gTLD .COM. But phishing is higher than normal in some new gTLDs and repurposed ccTLDs.