Phishing Attacks Shift to Email Addresses
Phishing Attacks Shift to Email Addresses
Phishing attacks are exploiting human vulnerabilities and are shifting from user names to email addresses to target organizations' and individuals' assets.
Phishers Attack Specific Industries
Phishing volume grew by 33% across the five most-targeted industries: finance (23%), cloud storage (22.6%), webmail and online services (20.6%), payment services (13.9%) and economic (11%).
Top Phishing Target Will Change
Cloud storage sites are expected to replace financial institutions as the top target of phishing attacks this year.
Email Addresses Replace User Names
Phishers are exploiting email addresses instead of unique user names to mass harvest credentials. This exposes an exponentially greater number of online services to secondary attacks through credential reuse and other methods.
Attacks on Government Tax Authorities
Attacks on government tax authorities grew by 300%. More IRS phishing attacks occurred in January 2016 than in all of 2015.
Global Events Affected Phishing
Phishing volume peaked in mid-2016, and there was a spike in virtual Web server compromises because of major global events, such as Brexit.
U.S. Phishing Attacks Are Growing
The United States' share of attacks is growing and currently accounts for more than 81% of all phishing attacks.
Phishing Sites Are Hosted In Eastern Europe
59% of phishing sites were hosted in the United States last year, but there also was a very significant increase in the number of phishing sites hosted in Eastern Europe.
Canada Is Hardest Hit
Canada suffered more than any other country, as attacks on institutions grew 237% in 2016.
Generic TLDs Gain in Popularity
.com top-level domains (TLDs) were associated with more than half of all phishing sites last year, but generic TLDs are becoming more popular because they are low cost and can be used to create convincing phishing domains.
Anti-Detection Techniques Are Used the Most
The researchers collected 29,000 phishing kits targeting more than 300 organizations in 2016. One-third of these kits used anti-detection techniques, 22% used mechanisms to restrict access and 29% used techniques to evade browser-based blocking.
Ransomware Focuses on Likely Payers
Ransomware attacks are now targeting organizations that are most likely to pay, such as those in health care, government, critical infrastructure, education and small businesses.
The phishing landscape has undergone a major shift in what is being attacked, with phishers targeting email addresses rather than user names, according to a new report. This news was reported in the "2017 Phishing Trends and Intelligence Report" by Joseph Opacki and Crane Hassold, both formerly with the FBI and now with PhishLabs. Exploiting human vulnerabilities continues to be the most attractive and successful path for targeting organizations' and individuals' assets, the report said. "Phishing was and continues to be, by a wide margin, the most prolific method used to distribute ransomware. Fighting back against ransomware requires fighting back against phishing," the authors said. Last year, they analyzed 1 million confirmed malicious phishing sites that resided in 170,000 unique domains. They also investigated and mitigated 7,800 phishing attacks every month by identifying the underlying infrastructure used and then shutting them down. They also analyzed thousands of unique malware samples from 100 ransomware variants in 20 banking Trojan families. Key findings of the report follow.