The report for April, which includes research from Websense Security Labs, showed a large increase in the number of credit unions targeted by phishing schemes.
"These range from regionally focused credit unions to niche credit unions that target particular employee sets," researchers wrote. "Hackers are modifying their attack methods by shifting away from attacking popular or large institutions."
Another trend researchers noted was a decrease in phishing attacks that use just an IP address. The trend shows phishers have become more skilled at hiding their scams, they said, noting that many recent phishing sites use hijacked servers.
In such scams, the fake site is located on the domain of a legitimate enterprise that the attacker has access to via hacking or installing malicious code.
"This tactic gives the scammers the advantage of having a link that leads to a legitimate domain that cannot be blacklisted. In fact, it is likely that such a phish message would get through a spam filter that uses 'whitelisting'." researchers wrote.