The Latest in Phishing: April 2015
We bring you the latest news about phishing statistics and attacks from the wild.
Verizon’s 2015 Data Breach Investigations Report Findings
- Over 2/3 of all espionage cases involved phishing attacks
- 23% of recipients now open phishing messages and 11% click on attachments
- It takes only 82 seconds on average for hackers to get their first victim in a phishing campaign
The lead author of the report, Bob Rudis, says, “Training your employees is a critical element of combating this threat.”
Increase your security response team's efficiency with PhishAlarm Analyzer
Recent Phishing Attacks and Current Threats
- Russian hackers gained access to the White House by way of a phishing email. As we mentioned previously, White House staff declined an optional 90-minute training session on online security offered in advance of the attack.
- The “Operation Pawn Storm” campaign is using phishing attacks to target governmental and political entities. Once hackers are able to gain access to a system, the malware steals information and acts as a back door.
- 280 Kansas City municipal employees gave up their login credentials in a series of mock phishing attacks sent by city auditors over the course of six months. Even after being notified to change their credentials after the fake attack, 30% of employees neglected to do so within 48 hours of the attack.
- Spy vs. spy? Warring advanced persistent threat groups Naikon and Hellsing are spear-phishing one another, according to Kaspersky.
- IBM uncovered a fraud scheme known as “The Dyre Wold” that uses a combination of phishing and vishing attacks to target large and medium-sized U.S. companies. So far the group has stolen more than a million dollars from various companies.
- After an investigation, it was determined that a phishing email was key to the hacking of French television channel TV5Monde by “cyber jihadists.”
Subscribe to the Proofpoint Blog