We bring you the latest in phishing statistics and attacks from the wild.
Phishing Statistics and News:
Q2 2018 ‘Protecting People’ Report
Proofpoint researchers compiled user data from April to June 2018 for the recently released Protecting People: A Quarterly Analysis of Highly Targeted Attacks. This quarterly report analyzes highly-targeted attacks, such as spear and angler phishing, and is an end-user focused portrait of the threat landscape. Here are some key takeaways:
The number of fake support accounts targeting Proofpoint’s global customer base rose 37% from Q1 to Q2 2018.
More than 65% of the companies that were targeted by email fraud in Q1 had the identities of more than five employees spoofed.
The number of email fraud attacks per targeted company was 25% higher in Q2 than in Q1, with the government and retail sectors experiencing the largest increase in email fraud attempts.
Q2 2018 ‘Quarterly Threat Report’
The Proofpoint Quarterly Threat Report for Q2 2018 was released in August, and much like its predecessors, it revealed some alarming trends in cybercrime. The report highlights trends and key takeaways related to threats Proofpoint has identified across its customer base and the wider threat landscape. Here are a few highlights:
Malicious phishing message volume increased 36% between Q1 and Q2 2018.
Proofpoint customers, on average, were targeted by 35 business email compromise (BEC) emails in Q2 2018. This represents a 26% increase over Q1, and a startling 87% increase over Q2 2017.
Ransomware was back on the scene in Q2, but is still lagging from a volume perspective, accounting for just a little more than 11% of total malicious messages during the measurement period.
Proofpoint researchers also detected a 30% increase in phishing links on social media.
Q1 2018 ‘Phishing Activity Trends Report’
The Q1 Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) reveals the number of phishing attacks identified in Q1 2018 increased 46% over Q4 2017. Many of their findings line up with Proofpoint’s own conclusions from customer data. Other highlights include the following:
The online payment sector was the most targeted by phishing in Q1 2018.
By Q2, more than a third of phishing attacks used HTTP and SSL protection to fool users.
Top-level domains and registrars, such as GoDaddy, are the most frequently used in phishing attacks.
Our new Attack Spotlight tool provides infosec professionals with free, actionable content designed to arm end users against the most relevant real-world phishing attacks and lures being seen in the wild. Each installment includes an informative PDF and two-minute awareness module that use non-technical terms to help end users spot and avoid a current threat. Visit our website to learn more and download the latest edition.
Popular security researcher Brian Krebs declared 2018 to be “The Year Targeted Phishing Went mainstream” in a blog post that profiles sextortion-based phishing scams and automated global attacks.
Proofpoint researchers identified early adopters of malicious code embedded into PDF email attachments. The attack is significant due to the actor, who is known as TA505. Read the details about how this scam works on Proofpoint’s blog.
A recent alert from the UK’s National Fraud & Cyber Crime Reporting Centre cautions that attackers are attempting to capitalize on the infamous WannaCry hacks. However, according to an article from SC Media, the extortion attempts — which demand Bitcoin — are scareware rather than ransomware and are easy to spot due to a misspelled word in the subject line.
A BankInfoSecurity article highlighting RSA’s Quarterly Fraud Report indicates that “newsjacking” is on the rise in phishing attacks. Cybercriminals are using timely topics — like GDPR privacy notifications — to create fraudulent emails designed to trick victims.