3 Phishing Trends You Shouldn’t Ignore

Posted by Malcovery Security on Mon, Sep 29, '14

 

Phishing TrendsLast week, APWG released its “Global Phishing Survey: Trends and Domain Name Use in 1H2014." There are several important phishing trends in this report that serve as key takeaways for corporate executives and security professionals.

Trend #1: Phishing attacks continue to increase.

We’ve talked about this before too. The APWG report found that there were at least 123,741 unique phishing attacks worldwide during the first half of this year. Recent history has documented a continual increase in phishing attacks. This period experienced the highest frequency of attacks since 2H2009. APWG attributes this increase to vulnerable hosting and higher levels of malicious domain/subdomain registration. 

Read more about the brands most frequently targeted by cybercriminals in our most recent Top Phished Brands Report. 

Trend #2: Targeted attacks are on the rise.

Today’s cybercriminals are masters of their craft. They execute phishing campaigns with precision in order to maximize efficiency and resources. During the first half of the year, the number of institutions targeted in phishing attacks increased to 756 (up from 681 the previous period). Phishers have long targeted big brands with a strong followings, however the focus has shifted to emerging brands with new and vulnerable audience. For the modern phishing criminal, it’s all about maximizing the opportunity and the most successful actors are constantly analyzing the environment for “new inventory.” 

Talk with one of our experts. Phishing attacks targeting your brand are more related than you think. 

Trend #3: Security professionals aren’t keeping pace.

Cybercriminals are more effective than the security professionals that fight them. According to the APWG report, the average uptime for phishing attacks remains unchanged since the last period. When it comes to mitigating a phishing attack, time is not on the side of victim. Since the majority of damage is done within the first two hours of an attack, an uptime of 8+ hours still leaves a lot to be desired. If the companies being targeted by cybercrime expect to win the war, they will need to change their approach.

Read more about the how proactively minimize phishing losses by downloading our recent free whitepaper: Closing the Window on Losses to Phishing

We certainly encourage you to take some time to read through the full report. There is juicy information that presents important takeaways for security professionals.

What do you think of the findings in the APWG report? Share your thoughts in the comments section below.

Webinar: Don't  Miss it! Cybersecurity 2014: Semi-Annual Review View Recording

Topics: Phishing

   
View Webinar Now