Phishing Attacks Rise, Evolve

Say the word phishing, and there are people who would probably begin to think back to a quiet day on a boat. But the kind of phishing that begins with a “ph” is far from relaxing, and it is on the rise.

According to a new report from Kaspersky Lab entitled ‘The Evolution of Phishing Attacks: 2011-2013’, an estimated 37.3 million Internet users were hit by phishers between 2012 and 2013. That represents an 87 percent increase from between 2011 and 2012, with most of the users being targeted residing in Russia, the U.K., India, Vietnam and the U.S.

The top two ways that phishing attacks are spread are through the Internet (87.91 percent) and email (12.09 percent).

“It’s easiest to encounter a link on a phishing site while using the Internet: banners to legitimate websites, messages on forums and blogs, and private messages on social networks can all turn out to be a ruse,” according to the report. “Although phishing links are encountered much less frequently in email than on the Internet, over the course of one year, phishing schemes in email still rose 1.86 percentage points from 10.23 percent in 2011 – 2012 up to 12.09 percent in 2012 – 2013.”

Phishing attacks were most often launched from the U.S., the U.K., Russia, Germany and India. The top targets of malicious users are Yahoo!, Google, Facebook and Amazon. Other common targets include financial organizations, with more than 20 percent of all attacks targeting banks and other businesses in the industry.

Overall, the research found that more than 50 percent [921] of the 1,739 names of companies and services in the Kaspersky Security Network [KSN] database that have been used by phishers are fake copies of the websites of banks and other credit and financial organizations. The number of names increased 250 compared to two years ago.

“The more popular a website is, the more frequently malicious users copy it and, as a result, there is a higher probability that a user will run into a fake version as he surfs the web,” according to the report.

“The number of attacks against one or another online resource may correspond directly to its popularity,” the report states. “For example, the percentage of attacks involving phony Yahoo! sites in the total phishing volumes has fallen alongside the company’s decreased share of the web search market and other online services, while Amazon’s percentage has grown markedly, in line with the company’s success on the e-commerce market and the successful launch of its tablets.”

While phishing attacks on consumers using those types of services online have risen, phishing has also become a popular tactic for attackers launching sophisticated attacks against businesses, noted Dmitry Bestuzhev, head of the global research and analysis team for Kaspersky Lab’s arm in Latin America.

“Nowadays many APTs run on spear-phishing attacks as the first stage of the attack itself,” he said. “Why is this so? The answer is easy, many email addresses are just public, also it’s the shortest way to get to the final victim trespassing many filters which may exist in the company like it would be in case of a USB infection where not all USB devices might be admitted to be used by physical restriction and also control device management on the network level.”

“Another reason why spear-phishing attacks are many times the first step is even very experienced IT sec people may become a victim when the message is very well dressed with fake info close to being real or even using a part of the messages as real information,” he added.

While there has been some debate as to whether or not security training programs are beneficial for employees, the focus should not be solely on education or solely on technology, he said.

“The education of the end-users is a very important task despite being a very hard task and many times almost impossible,” he said. “I say this is important because basically this is the last defensive line a company has. If all IT filters were trespassed it does not mean yet the company got automatically compromised but the last chance goes up to the victim and if the victim is skilled enough, he may break the circle and at least report suspicious message to IT Sec people.”

“At the same time there is a very big need for the invention of new technologies working not with a classic phishing or spam, but spear-phishing attack,” he added. “The approach must be different of course.”
