The Latest in Phishing: June 2015

We bring you the latest in phishing statistics and phishing attacks from the wild.

• According to Google’s Safe Browsing service, the amount of malware websites dropped from 18,454 to 14,977 between 2014 and 2015, while the amount of phishing sites increased from 24,864 to 33,571 during the same period.
• A bug affecting Safari users allows hackers to set up phishing sites that look to be identical to legitimate websites, with the content in the address bar appearing to be accurate.
• A financial institution in Asia was targeted by a spear phishing attack in January that allowed non-complex malware to reach the computers and log activity for three months, unnoticed. The malware also had the ability to download and execute programs, among other things.
• An online phishing quiz conducted by Intel Security shows that even security experts cannot always pick out phishing scams from real emails.
• PennDot officials are warning Pennsylvania residents to stay alert: a phishing email claiming to be from PennDOT is trying to take $450 by stating that the email recipient ran a red light.
• A new range of domain options, including possibilities like .work and .science, are designed to give organizations more opportunities in terms of company-specific domains. However, Kaspersky Lab’s Q1 2015 analysis of spam and phishing traffic shows that spammers and cyber criminals are also taking advantage of these new domains.
• After repeatedly warning citizens not to fall for phishing attacks, Bengaluru, India Police official Om Prakash gave his debit card information to a scammer.
• According to McAfee Labs, learning how to recognize phishing emails should be a primary concern.
• A new study from NTT Group shows that the finance sector is targeted most for cyber-attacks, especially with phishing and spear-phishing.

Want to fight phishing at your organization? Use our Mobile Security Solutions to help reduce your businesses’ cybersecurity risks and impact by up to 50%.