Experts pointed to an increase in the number of phishing attacks by a third in a year.

The number of phishing attacks continues to grow: in 2024, compared to 2023, their number increased by 33%, and since 2022 - by 72%. This is stated in the results of a study that Positive Technologies experts presented at the Positive Hack Days cyber festival. Together with the specialists of SDM-Bank, they explained what tools and topics the attackers use. Izvestia got acquainted with the information on May 23.

Government institutions (15%), industrial enterprises (10%) and IT companies (9%) were most often attacked last year. Such actions by hackers can lead to various consequences: theft of confidential information (63%), disruption of the activities of organizations (28%), damage to the interests of the state (6%) and direct financial losses (5%).

According to experts, targeted attacks are aimed at specific groups of individuals. Such phishing is more sophisticated, requires more time and investment from attackers, but the probability of success is much higher. APT groups often use this method. The main part of the attacks is mass phishing, when attackers send emails to a large number of people, hoping that at least a small percentage will perform the required action. In such attacks, attackers often mimic well-known brands.

From a black approach: hackers have quadrupled their attacks on Russia

The public sector, postal services and cargo and passenger transportation were among the most affected industries.

Experts believe that the line between mass and targeted phishing will become increasingly blurred. It is also predicted that artificial intelligence (AI) will become more firmly embedded in the tools of intruders. Currently, hackers use AI to generate phishing content and make attacks more personalized.

For example, analysts have noted that chatbots increase the adaptability of phishing when the language and tactics of writing change depending on the user's response. Among other things, chatbots help scammers carry out popular "fake boss" attacks. According to Positive Technologies, the number of messages from the "employer" accounted for 10% of all incidents in 2022-2023. In 2024, there was a similar trend. In addition, there has been a boom in the use of diplomatic missions and deepfakes.

According to Positive Technologies, 84% of all phishing attacks are carried out via email, leaving behind websites (23%), social networks and messengers (4%) by a wide margin. Experts explained that it is possible to effectively protect the mail server by using a combination of information security products: a secure email gateway and a sandbox.

Earlier, on February 26, Mikhail Khlebunov, Servicepipe's product director, told Izvestia that the number of DDoS attacks against telecom in Russia had been growing throughout 2024, and this trend continued in 2025. He noted that the attackers used the tactics of multi-vector carpet attacks, when malicious traffic goes to multiple IP addresses at once.