2022: A year of phishing with a solution to calm the seas

Ronnie Manning

Ronnie Manning

2 minute read

In 2022, phishing scams continued to hook into consumers and enterprise accounts. In fact, recent research from EMA revealed that 87% of surveyed businesses indicate that their organization experienced an identity-related security breach in the preceding 12 months. Many successes of the sophisticated phishing scams were due to legacy MFA implementations such as SMS, mobile auth, and OTP which aren’t phishing-resistant or equipped to stop these types of attacks.

Phishing-resistant MFA is multi-factor authentication (MFA) that is immune from attempts to compromise or subvert the authentication process, commonly achieved through phishing attacks, which includes but is not limited to spear phishing, brute force attacks, man-in-the-middle attacks, replay attacks and credential stuffing. Phishing resistance within an authentication mechanism is achieved by not only requiring that each party provide proof of their identity but also intent through deliberate action. MFA can be phishing-resistant via a FIDO authenticator such as the YubiKey, and also provide a smooth user experience.

YubiKeys have continued to help calm the seas, preventing phishing attempts against individuals, enterprises, election campaigns, critical infrastructure in Ukraine, and beyond. Yubico is proud to have donated tens of thousands of YubiKeys to more than 85 organizations through our Secure it Forward program – ensuring journalists, human rights organizations, and those working to further diversity in tech were protected by security keys. And we’re truly honored that we were named a winner of the Inc. Best in Business 2022 specifically for this program. 

We continue to be grateful for the opportunity to make a difference in the world of internet security. As we wrap up 2022, we wanted to take a moment to look back at what the year brought us in cybersecurity, and provide a sneak peak into what companies can do to prepare for 2023. 

We wish you a peaceful remainder of the year and look forward to being able to continue our mission of making the internet more secure for everyone.

, , ,
Talk to our teamTalk to our team

Share this article:
  • Goodbye master passwords: Dashlane and Yubico enhance credential vault encryption and login with YubiKeysAt Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys. […]Read morecredential vault encryptioncredential vault loginDashlanepartnerpasskey encryptionPRF
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST