--- title: "Notable Phishing Attacks of 2022 | Phish Protection" description: "As we enter into 2023, cybercriminals are continuing to evolve their tactics and techniques to carry out phishing attacks." image: "https://phishprotection.com/og/blog/notable-phishing-attacks-2022.png" canonical: "https://phishprotection.com/blog/notable-phishing-attacks-2022/" --- Quick Answer As we enter into 2023, cybercriminals are continuing to evolve their tactics and techniques to carry out \[phishing attacks\](/resources/phishing-attacks-examples/). With the rise of \*\*remote working\*\*, the attack surface for phishing attacks has broadened significantly, which means it's more important than ever for organizations to stay ahead of the curve. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fnotable-phishing-attacks-2022%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Notable%20Phishing%20Attacks%20of%202022&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fnotable-phishing-attacks-2022%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fnotable-phishing-attacks-2022%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fnotable-phishing-attacks-2022%2F&title=Notable%20Phishing%20Attacks%20of%202022 "Share on Reddit") [ ](mailto:?subject=Notable%20Phishing%20Attacks%20of%202022&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fnotable-phishing-attacks-2022%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/01/Phishing-Attack-Recent-Statistics.jpg) As we enter into 2023, cybercriminals are continuing to evolve their tactics and techniques to carry out [phishing attacks](/resources/phishing-attacks-examples/). With the rise of **remote working**, the attack surface for phishing attacks has broadened significantly, which means it’s more important than ever for organizations to stay ahead of the curve. In this blog post, we’ll look at the top phishing attacks of 2022 that can help you better prepare for your [protection from phishing](/) in 2023. ### Valley View Hospital (January 2022) In January 2022, **Valley View** Hospital was a[sophisticated](https://www.postindependent.com/news/over-20000-peoples-data-potentially-compromised-in-phishing-scam-targeting-valley-view-hospital/)phishing attack victim and one of the top phishing attacks of 2022\. This attack utilized a technique known as “[spear phishing](/content/phishing-prevention/spear-phishing-attack/),” in which individuals are targeted with malicious emails designed to appear legitimate to gain access to sensitive data. In this case,\_ the attackers sent emails to members of the hospital’s staff that appeared to be from a trusted source, asking them to provide login credentials.\_ Once these credentials were provided, the attackers could access the hospital’s **computer networks** and sensitive **patient data**. On March 29, 2022 , an investigation concluded that the security of 21,000 individuals’ patient and employee information was compromised in Valley View Hospital’s email accounts. Valley View Hospital has stated that it does not have evidence indicating any data has been removed from its system. ![Phishing Attack Recent Statistics](https://media.mailhop.org/phishprotection/images/2023/01/Phishing-Attack-Recent-Statistics.jpg) ### Charleston Area Medical Center (January 2022) > “Zero-day phishing URLs have an average lifespan of just 12 hours before they’re added to blocklists. During that window, traditional signature-based filters are blind. Our real-time behavioral analysis catches these threats by pattern, not by signature - which is how we detect attacks that no database has seen yet.” - **Adam Lundrigan**, CTO, DuoCircle In January 2022, the Charleston Area Medical Center (CAMC) fell victim to a phishing attack. This cyberattack[utilized](https://www.beckershospitalreview.com/cybersecurity/phishing-attack-exposes-54k-patient-records-at-west-virginia-hospital.html)deceptive emails, text messages, and other online platforms to acquire sensitive information from the institution or its employees. This attack was particularly nefarious in its ability to **mimic the look and feel** of legitimate CAMC communications, thus _tricking employees into divulging their login credentials._ The attackers could then access the institution’s computers and **wreak havoc**. Upon further investigation, it was discovered that the attackers had used various techniques to gain access to the CAMC’s networks, such as spear-phishing, malware, and [social engineering](/blog/social-engineering-attack-twilio-compromises-employee-accounts-customer-data/) affecting 54,000 records . **Charleston Area Medical Center**, in collaboration with a cybersecurity forensics firm, recently concluded an investigation on March 16th. The investigation results revealed that an **unauthorized individual** attempted to acquire login information belonging to hospital employees rather than personal information belonging to patients. ### Mailchimp (March 2022) In March 2022, MailChimp’s online marketing service provider suffered a significant phishing attack. Malicious emails were[sent](https://mailchimp.com/march-2022-security-incident/)to customers to steal their personal information. Once the attackers were successful, they could gain access to the customer’s **MailChimp accounts** and make changes to their settings, including changing their passwords and redirecting emails. The attack was partially successful due to MailChimp’s **lack of adequate security** measures, such as [two-factor authentication](https://www.microsoft.com/en-us/security/business/security-101/what-is-two-factor-authentication-2fa). A total of 319 MailChimp customer accounts were accessed, resulting in the **export of mailing lists** from 102 accounts. The attackers then utilized these accounts to launch **phishing attacks**, which appeared genuine as they were sent from a MailChimp email address. _Attackers have obtained access to application programming interface keys, which could be utilized to initiate additional email-based phishing attacks in an automated manner._ ![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2023/01/what-is-a-zero-day-attack-5517.jpg) ### Florida Springs Surgery Center (June 2022) Florida Springs Surgery Center, a surgical center based in Spring Hill, Florida, was the victim of a phishing attack that affected the data of 2,203 patients . > Florida Springs Surgery Center has reported that an unauthorized third party was able to gain access to patient information by conducting a phishing attack on an employee’s **Microsoft Outlook email account** between May 25 and June 2. ### Allegheny Health Network (July 2022) In July 2022, Allegheny Health Network, a health system headquartered in Pittsburgh, was informed that an employee’s email account had been[compromised](https://healthitsecurity.com/news/phishing-attack-at-allegheny-health-network-impacts-8k)between May 31 and June 1 after the account owner **clicked on a phishing link**. Once the link was accessed, the perpetrator could gain access to files containing **sensitive patient data**. _It includes but is not limited to names, dates of birth, dates of service, medical records, ID numbers, prior medical history, conditions, treatments, diagnoses, addresses, contact information, driver’s license numbers, email addresses, and more._ Re-evaluation of the [digital risk](https://www.upguard.com/blog/digital-risk#:~:text=Digital%20risk%20refers%20to%20all,its%20exposure%20to%20cyber%20threats.) detection and removal process could have aided in quickly identifying the phishing campaign and preventing further harm. _The medical history of the over 8,000 affected patients is permanent, making it imperative to protect their data and maintain its integrity._ ### Acorn Financial Services (August 2022) In August of 2022, Acorn Financial Services was the target of a devastating phishing attack that[compromised](https://www.myinjuryattorney.com/data-breach-alert-acorn-financial-services-inc/)their customer’s **financial data security**. This attack was one of the most **sophisticated and effective** of its kind ever seen, and it caused significant disruption to Acorn’s operations. _An Acorn employee has likely been the target of a phishing attack resulting in the theft of their email credentials._ Upon gaining access to the employee’s email account, the attackers could access **confidential internal information**. Acorn discovered **an unauthorized party** had gained access to its systems, resulting in the potential exposure of customers’ personal information. This included names of staff and customers, their address details and other personal information. In response, Acorn has launched a full investigation and sent[ breach notifications](https://en.wikipedia.org/wiki/Security%5Fbreach%5Fnotification%5Flaws) to those customers **possibly impacted**. ### Twilio (August 2022) Twilio[experienced](https://www.twilio.com/blog/august-2022-social-engineering-attack)a **security breach** in which employee credentials were compromised due to an [SMS phishing attack](https://blog.icorps.com/5-ways-to-avoid-sms-phishing). The attack enticed employees and redirected them to a fraudulent website designed to look like Twilio’s legitimate authentication page. Once opened, these **malicious links** installed [malicious software](/content/protection-against-malware/malware-protection/) that allowed the attackers to access confidential information. This attack was especially concerning due to the wide-reaching nature of Twilio, as it is used by many organizations worldwide. Furthermore, the attack was difficult to detect and mitigate due to the **sophisticated nature** of the malicious actors. The security of approximately 75 million Authy users was compromised when hackers utilized their Twilio access to breach 93 Authy accounts and authorized additional **attacker-controlled devices**. This incident compounded with the Twilio breach, potentially exposing 1,900 accounts on the Signal **encrypted communication app**. ### Living Innovations (August 2022) The Living Innovations Phishing Attack of August 2022, one of the top phishing attacks of 2022, was a sophisticated [cyberattack](https://www.cisco.com/c/en%5Fin/products/security/common-cyberattacks.h) that occurred on the 8th August, targeting the computer systems of Living Innovations, a **global technology firm**. The attack successfully compromised the security of the company’s networks, allowing malicious actors to gain access to sensitive data and **intellectual property**. The attack employed[various](https://www.myinjuryattorney.com/data-breach-alert-living-innovations/)social engineering methods to trick employees into revealing their passwords and other login information and using **malware** to further exploit the company’s systems. ![Phishing prevention](https://media.mailhop.org/phishprotection/images/2023/01/phishing-prevention-2297.jpg) An investigation led by a [cybersecurity](https://www.moneycontrol.com/news/business/infosys-salil-parekh-says-cybersecurity-today-should-come-before-tech-building-not-after-9806251.html) team concluded that an **unknown entity** gained access to multiple employee email accounts between June 6-14, 2022\. _Living Innovations believes the attack was designed to deceive users into paying an illegitimate invoice_. ### Final Words To conclude, phishing attacks are continually changing and evolving to become more sophisticated and **harder to detect**. Therefore, organizations must keep up-to-date with the latest trends in **cyber security**. _They must start using [anti-phishing](/content/anti-phishing/) tactics such as user awareness training, data encryption, and two-factor authentication and deploy a robust threat intelligence system to protect themselves from phishing attacks in 2023_. The most successful defense systems will be those that stay **one step ahead of the cybercriminals**. ## Topics [ Cybersecurity ](/tags/cybersecurity/)[ Phishing ](/tags/phishing/)[ Phishing Awareness ](/tags/phishing-awareness/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m American Airlines Suffers Employee Email Data Breach, Personal Information at Risk Oct 4, 2022 ](/blog/american-airlines-suffers-employee-email-data-breach-personal-information-risk/)[ Intermediate 5m BitRAT Malware Threat Actors Leveraging Stolen Columbian Cooperative Bank Data in Phishing Campaign Jan 18, 2023 ](/blog/bitrat-malware-threat-actors-leveraging-stolen-columbian-cooperative-bank-data-in-phishing-campaign/)[ Intermediate 5m Find Out About the Latest Case of Threat Actors Utilizing Phishing-as-a-Service to Steal $120,000 Feb 20, 2023 ](/blog/find-out-about-the-latest-case-of-threat-actors-utilizing-phishing-as-a-service-to-steal-120000/)[ Intermediate 5m GoDaddy Customers Beware: Hackers Have Been Stealing Source Code for Years Mar 6, 2023 ](/blog/godaddy-customers-beware-hackers-have-been-stealing-source-code-for-years/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Notable Phishing Attacks of 2022","description":"As we enter into 2023, cybercriminals are continuing to evolve their tactics and techniques to carry out phishing attacks.","url":"https://phishprotection.com/blog/notable-phishing-attacks-2022/","datePublished":"2023-01-04T10:31:28.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-01-04T10:31:28.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/notable-phishing-attacks-2022/"},"articleSection":"intermediate","keywords":"Cybersecurity, Phishing, Phishing Awareness","wordCount":1231,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/01/Phishing-Attack-Recent-Statistics.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Notable Phishing Attacks of 2022","item":"https://phishprotection.com/blog/notable-phishing-attacks-2022/"}]} ```