DNSFilter State of Internet Security - Q1 2023

The cybersecurity landscape is evolving by the minute, with new threat vectors, hacking groups, and sophisticated scams emerging every day. While each threat is unique, they all have one thing in common: They originate online.  

Organizations need to work securely, without the fear of being victimized by phishing, ransomware, or other DNS-based attacks. These companies need to know they are protected by detecting and blocking threats and setting and enforcing content policies with real-time monitoring. DNSFilter is the security company solving that challenge, making the internet safer and workplaces more productive.  

To continue its mission, DNSFilter recently conducted research comparing internet threat growth from Q4’22 against Q1’23 using data from the DNSFilter network that supports over 26 million monthly users. DNSFilter resolves over 1.5 trillion queries per month and detects threats seven days earlier than competitors, including zero-day attacks.   

DNSFilter shows a steady 61.39% increase in traffic leading to websites containing threats between October 2022 and March 2023.  


A picture containing text, screenshot, font, lineDescription automatically generated

More specifically, there has been a 281.88% increase in identified malicious phishing, malware, crypto and botnet traffic from October to March. 


Diving deeper, phishing alone spiked 464.36% during the same period. The growth makes it clear that:

  • Phishing is still a successful tactic for hackers,
  • Businesses need to educate their employees about the dangers of these kinds of attacks;
  • And more protection in place at the point-of-click is required.



And no one business is immune. Manufacturing, retail, telecom, healthcare, education, finance, and every business reliant on the internet must be alert to safeguard against phishing, malware, botnets, and other internet-based threats.  

The chart below, showing the most clicked threat types over the last 30 days, paints an interesting picture aligning with the data from the quarter.  

Phishing and deception attacks continue to pose the most significant problem across industries, with financial services (82.7%), retail and distribution (62.1%) and manufacturing (61.3%) being the most impacted.  




DNSFilter’s report also shows that:

  • The financial sector is a prime target for hackers, with nearly 83% of domain threats clicked attributed to phishing and deception.
  • Software/hardware and technology companies are a hot target for malware and cryptomining attacks, comprising 38.6% of malicious domains clicked by this industry.
  • 32.4% of clicked threats in business services are tied to new domains.
  • 61% of domain threats clicked in healthcare and medical organizations are related to phishing and deception. Even more troubling? DNSFilter research also shows that employees in this sector are twice as likely to click a phishing link.

IT teams across industries need to remember every internet-connected device is vulnerable regardless of if it's connected at the office, on the go or at home. And research shows that 78% of threats are found at the DNS layer. So, the time to focus on your corporate network is now.  

DNSFilter provides proprietary, machine learning-powered protective DNS threat detection, prevention and content categorization that works on any device, on any network globally, helping organizations confidently limit risks posed by unsafe and malicious content. More than 15,000 brands, including the U.S. Army, Nvidia, and The Salvation Army, trust DNSFilter to keep them safe. In 2022 alone, the threat protection leader blocked 9.1 billion threats.  

To learn how you can protect your network with DNS filtering in as little as five minutes, visit https://www.dnsfilter.com/.   

  • There are no suggestions because the search field is empty.
Latest posts

The shift from in-office to remote work happened (quite literally) overnight. Work from home was forced onto many during the onset of the COVID pandemic, and it was astonishing how quickly people and organizations alike adapted to this new work style.

Moving Beyond Traditional Network-Based Security Moving Beyond Traditional Network-Based Security

Zero Trust Network Access (ZTNA) is a cybersecurity paradigm that is rapidly gaining popularity among IT professionals. At its core, ZTNA is about moving away from the traditional network-based security perimeter approach and instead focusing on the users, assets, and resources that make up a system. 

DNSFilter Achieves SOC 2 Type II Compliance DNSFilter Achieves SOC 2 Type II Compliance

When DNSFilter was founded in 2015, we had a vision to build a product that would keep people and businesses safe and secure while they were using the internet. As a part of that vision, we have also worked diligently to ensure our growing organization maintains a high level of information security.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.