Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Financial Phishing Jumped to 51% of All Phishing in 2019: Kaspersky

Banking Trojans Increasingly Target Corporate Users

Financial phishing has increased in frequency and accounted for more than half of all phishing detections last year, Kaspersky says.

Banking Trojans Increasingly Target Corporate Users

Financial phishing has increased in frequency and accounted for more than half of all phishing detections last year, Kaspersky says.

In 2019, cybercriminals switched focus from crypto-currency mining to digital trust and privacy issues, but financial threats persisted: threat actors continue to attempt stealing victims’ money, despite no major incidents being reported by the financial industry.

Last year, financial phishing accounted for 51.4% of all phishing detections, an increase from the 44.7% share it saw during the previous year. The security firm detected 467,188,119 phishing attempts in 2019.

Additionally, banking phishing accounted for 27% of all blocked attempts to visit phishing pages last year, Kaspersky says.

Phishing-related attacks on payment systems accounted for roughly 17% of attacks, while those targeting online stores for over 7.5% of attacks in 2019. According to Kaspersky, financial phishing encountered by Mac users accounted for 54% of the phishing attempts aimed at this category of users.

The security firm also says that 773,943 Windows users were targeted by banking Trojans last year, with roughly one-third of them (35.1%) being corporate users. People in Russia, Germany, and China were targeted the most.

Most of the attacks (approximately 87%) involved just four banking malware families, namely ZBot, RTM, Emotet, CliptoShuffler.

The number of Android users hit with banking malware dropped to around one-third compared to the previous year: 675,000 in 2019 vs 1.8 million in 2018. Users in Russia, South Africa, and Australia were targeted the most.

“Financial phishing is one of the most popular ways for criminals to make money. It doesn’t require a lot of investment but if the criminals get the victim’s credentials, they can either be used to steal money or sold,” Kaspersky says.

Related: Corporate Workers Warned of ‘COVID-19 Payment’ Emails Delivering Banking Trojan

Related: New Variant of Gustuff Android Banking Trojan Emerges

Related: Phishing Attacks: Best Practices for Not Taking the Bait

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.