PRNEWSWIRE: According to the September 2017 Webroot Quarterly Threat Trends Report, 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data, collected by Webroot, a firm working in endpoint security, network security, and threat intelligence, show that phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid. The latest phishing sites employ realistic web pages that are almost impossible to find using web crawlers, and they trick victims into providing personal and business information.
The threat trends are based on threat intelligence data derived from the industry’s most advanced machine learning techniques, ensuring it’s both timely and accurate. The analysis points out that “Phishing continues to be one of the most common, widespread security threats faced by both businesses and consumers. Phishing is the number 1 cause of breaches in the world, with an average of more than 46,000 new phishing sites created per day. The sheer volume of new sites makes phishing attacks difficult to defend against for businesses.”
A good thing is that today’s phishing attacks have a shorter lifespan. The first half of 2017 highlights the continuing trend of very short-lived phishing sites, with the majority being online and active for only 4 to 8 hours. These short-lived sites are designed to evade detection by traditional anti-phishing strategies, such as block lists. Even if the lists are updated hourly, they are generally 3–5 days out of date by the time they’re made available, by which time the sites in question may have already victimized users and disappeared.
Attacks are also becoming increasingly sophisticated and more adept at fooling the victim. In the past, phishing attacks randomly targeted as many people as possible, with the hope that a substantial number would open an infected attachment or visit a malicious web page. Today’s phishing is more sophisticated. Hackers do their research and utilize social engineering to uncover relevant personal information for individualized attacks. Phishing sites also hide behind benign domains and obfuscate true URLs, carrying more malignant payloads and fooling users with realistic impersonated websites.
The mix of companies being impersonated also continues to evolve. Zero-day websites used for phishing may number in the millions each month, yet they tend to impersonate a small number of companies. Webroot categorized URLs by the type of website being impersonated and found that financial institutions and technology companies are the most phished categories. Webroot also identified the top 10 companies being impersonated throughout the first six months of 2017. These include Google, which stands at 35 percent, followed by Chase, Dropbox, PayPal, Facebook, Apple, Yahoo, Wells Fargo, Citi and Adobe at 15, 13, 10, seven, four, four, three, and three percent, respectively.
“Today’s phishing attacks are incredibly sophisticated, with hackers obfuscating malicious URLs, using psychology, and information gleaned from reconnaissance to get you to click on a link. Even savvy cybersecurity professionals can fall prey,” stated Hal Lonas, Chief Technology Officer, Webroot. “Instead of blaming the victim, the industry needs to embrace a combination of user education and organizational protection with real-time intelligence to stay ahead of the ever-changing threat landscape.”