According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing was used in 41% of the attacks that X-Force remediated in 2021. That’s a 33% increase from 2021.

One of the biggest reasons threat actors are increasing phishing attacks is that all it takes is one employee to make a split-second mistake to cause major business and reputation loss. Cybersecurity workers must continually stay on top of new phishing trends. That way, they can use the right technology to help prevent the right types of attacks. Most importantly, they need to focus on training employees on how to spot and prevent attacks.

Here are five phishing trends that your organization is likely to see in 2022:

Voice Phishing

You likely think of spam calls as just annoying. But that’s why vishing, or voice phishing, is on the rise. Cybersecurity training stresses not to click on links. However, many users do not realize that spam phone calls may actually be the start of a cybersecurity attack. In a vishing call, the person on the other end of a VoIP phone typically impersonates a legitimate organization, such as the IRS or a bank. From there, they ask the person who answered to visit a website. The attacker then uses the information entered into the website to launch a cyberattack. Common vishing scams include imposters (meaning the caller pretends to be someone else), debt relief scams and charity scams.

Vishing became such an issue in 2021 that the FBI even issued an alert. Proofpoint’s State of the Phish report found that 69% of organizations received a vishing attack. That’s an increase of 54% from 2020. Most concerning is that the X-Force index found that vishing attacks were three times more effective than a classic phishing scheme. Because the attack starts with the phone, using cybersecurity applications to stop the attack is challenging.

Train your employees about the rise of vishing and how to spot a vishing attack. Many vishing attacks are successful because employees don’t recognize this tactic as a potential cybersecurity attack. Stress to employees that they should never visit a website given to them over the phone. Keep employees updated on current vishing scams to help them more accurately spot threats.

Spear Phishing

If you receive an email from a bank that you’ve never used before, then it’s very likely that you will recognize it’s a phishing email and hit delete. But if you get an email from your own bank, you are much more likely to fall for the scam. The difference is the first type of attack was a general phishing attack. The second is referred to as spear phishing, which is an attack targeted at specific people.

A 2021 FireEye report found that spear phishing recipients were 10 times more likely to click on the link than general phishing email recipients. Not surprisingly, spear phishing is on the rise. Proofpoint found that 79% of organizations were targets of spear phishing attacks. That’s an increase of 66% from 2020, which is a very concerning increase.

The IBM Threat Index found that the brands most imitated by threat actors were large and trusted companies. Attackers might pretend to be from Microsoft, Apple or Google. In addition, these types of attacks work as spear phishing since most consumers do business in some shape or form with these companies. Train employees to carefully look at logos and check email addresses. Often phishing attacks use an email that looks official at first glance. After close investigation, you’ll be able to see it is phony, such as [email protected]. You can also reduce the likelihood of a spear phishing attack gaining control of an employee’s access by installing multi-factor authentication on all employee accounts.
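The advice to check sender addresses can also be applied automatically to incoming mail. The following is an added example, not part of the original article: it flags From: headers whose domain or display name imitates a trusted brand. The trusted-domain list, the substitution table and every sample address are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: brand -> domain the organization really receives mail from.
TRUSTED = {"microsoft": "microsoft.com", "apple": "apple.com", "google": "google.com"}
# Common visual substitutions folded before comparison (constructed, not exhaustive).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"))

def fold(text):
    """Lowercase and undo look-alike character substitutions."""
    text = text.lower()
    for fake, real in CONFUSABLES:
        text = text.replace(fake, real)
    return text

def edit_distance(a, b):
    """Levenshtein distance, computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header):
    """Return (verdict, reason) for the value of a From: header."""
    display, address = parseaddr(from_header)
    _, at, domain = address.rpartition("@")
    domain = domain.lower().rstrip(".")
    if not at or not domain:
        return "suspicious", "no sender domain"
    # Simplification: registrable domain = last two labels (no public suffix list).
    registrable = ".".join(domain.split(".")[-2:])
    if registrable in TRUSTED.values():
        return "trusted", registrable
    for brand, real in TRUSTED.items():
        if edit_distance(fold(registrable), real) <= 1:
            return "suspicious", f"{registrable} resembles {real}"
        if brand in fold(domain):
            return "suspicious", f"{brand} appears inside unrelated domain {domain}"
        if brand in fold(display):
            return "suspicious", f"display name claims {brand}, domain is {registrable}"
    return "unknown", registrable

if __name__ == "__main__":
    for header in ("Microsoft Account Team <security@rnicrosoft.com>",      # constructed
                   "Apple Support <no-reply@apple.com.account-verify.example>",
                   "Accounts <billing@accounts.google.com>"):
        print(header, "->", classify_sender(header))
```

A check like this complements authentication results such as SPF, DKIM and DMARC, which confirm that a message came from the domain it claims but say nothing about whether that domain was chosen to look like a trusted one.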


Smishing

Smishing is when threat actors target someone over SMS texting. One of the reasons that this type of attack is even more effective is that many people do not have cybersecurity software on their phones, so an attack that might get blocked on their laptop gets through. Many people are also not as aware of smishing. Therefore, they may be more vulnerable to falling prey over text than email. Proofpoint found that 74% of organizations faced smishing attacks in 2021, which is an increase of 13% from 2020.

Many people began using food delivery and meal kits during the pandemic. So, cyber criminals began creating smishing schemes mentioning these services. Other common schemes include upcoming package deliveries and giveaways.

Start by updating your cybersecurity training to include smishing. Surprisingly, Proofpoint found that only 26% of organizations included smishing in cybersecurity training. You should also let employees know what type of legitimate SMS messages they may receive from your organization. That way, they know what to expect from their commonly used work systems. As new smishing schemes emerge, keep employees updated on new types of text messages to watch out for.

Social Media Phishing Attacks

Attackers are increasingly turning to social media for their phishing attacks. Proofpoint found that 74% of organizations were targeted by social media phishing attacks. That’s an increase of 13% from 2020. Many people are suspicious of blatant phishing attacks on social media, such as a stranger sending a private message with a link to click. But other schemes are harder to spot. Attackers often take over accounts and then target the account owner’s friends with phishing attacks. Other schemes include social media quizzes that get users to enter information that can then be used for social engineering against their accounts. Threat actors also create clone accounts of real companies to get people to click on malicious links thinking they are trustworthy.

How to Protect Your Organization

With employees using personal devices for work with increased remote and hybrid work, social media phishing attacks are likely to continue to pose a big risk. You should include a section in your cybersecurity training on social media phishing and keep employees updated on new types of schemes. Require that any personal devices that employees use for work have the latest patches and company-approved cybersecurity technology installed.

Phishing is expected to remain a top threat as attackers get more creative in their social engineering and targeting techniques. By staying on top of the latest phishing schemes, you keep your employees up to date, too. If employees know that the latest trend is to impersonate a specific company or type of email, then they are going to be more aware and suspicious when that message lands in their social media account, email, text or even at the other end of a phone call.
