Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Phishing

Payment Services, Financial Industry Top List of Phishing Targets

What do financial institutions, ePayment services, social networking sites and email services have in common? The answer is they make up the majority of the types of brands targeted by phishing kits.

What do financial institutions, ePayment services, social networking sites and email services have in common? The answer is they make up the majority of the types of brands targeted by phishing kits.

According to an analysis of nearly 9,000 phishing kits by PhishLabs, those four categories account for 77 percent of such brands, with financial institutions coming in first (21 percent). The next most prevalent types of sites were eCommerce sites, which accounted for nine percent.

A phishing kit is a collection of files that typically includes web pages, images, scripts and webserver code that can be installed on a webserver, explained Don Jackson, director of threat intelligence at PhishLabs. The kits are sometimes made available for free, but the ones that are often include backdoors that allow the kit’s author or seller to receive copies of any stolen data or even take control of the server hosting the kit, he noted.

“Some of the kits analyzed were obviously intended for widespread, indiscriminate distribution,” Jackson blogged. “Others were more targeted or customized for private use, and some appeared to be hand-crafted for a particular purpose or an exclusive target. In addition to showing up high in search results through malicious SEO (search engine optimization) tactics, links to phishing websites using these kits are delivered via spam email, SMS test messages, instant messenger services, and posts on social media websites and blogs.”

While phishing kits are just one piece of the puzzle, other studies have shown phishers paying similar levels of attention to the same types of sites. For example, Kaspersky Lab published an analysis of its own recently that was based on clicks on phishing URLs by its customers. According to their report, email services and social networks made up roughly 60 percent of all phishing sites.

In addition, the Anti-Phishing Working Group reported that the payment services (46.51 percent) and financial industry (20.1 percent) makeup the majority of the targets during the first quarter of 2014. The retail industry comprised 11.48 percent of victims.

APWG detected an average of 41,738 new phishing attacks each month during the first quarter.

“The United States continued to be the top country hosting phishing sites during the first quarter of 2014,” according to the APWG report. “This is mainly due to the fact that a large percentage of the world’s Web sites and domain names are hosted in the United States.”

All together, APWG found 557 different brands or institutions targeted by phishers during the first three months of the year. This was up from the 525 during the fourth quarter of 2013.

“The number and diversity of phishing targets continued to increase,” said Greg Aaron, APWG senior research fellow and president of Illumintel, in a statement. “Almost any enterprise that takes in personal data via the Web is a potential target.”

Written By

Click to comment

Expert Insights

Related Content

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Phishing

The Single Most Important Part of Dealing with a Phishing Attack is Preparing for the Attack Before it Actually Happens.

Phishing

The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...