
Australia amongst top 10 for high-risk URLs – and most of those are for phishing

14 Feb 17

Australia ranks in the top ten countries for hosting high-risk URLs – and more than 65% of those URLs are used for phishing purposes. Australia also ranks significantly for malware and spam threats.

Those are the statistics coming from Webroot’s Annual Threat Report, which found that for every new phishing URL impersonating a financial institution, there were more than seven impersonating tech companies.

This year the top three phishing targets were all global tech companies: Google, Yahoo and Apple.

This suggests that technology accounts may now be easier to phish and, because passwords are reused, more valuable to hackers.

“The continued increase in sophistication and volume of phishing attacks, ransomware, and polymorphic malware means we are at greater risk than ever from cybercriminals,” comments Hal Lonas, chief technology officer at Webroot.

The company also discovered that phishing attacks are getting shorter, with the longest site active for less than two days. 84% of all sites were active for less than 24 hours, and the shortest active site clocked in at 15 minutes.

In terms of malware trends, ‘polymorphism’ was the word of 2016: polymorphic malware makes each instance unique and undetectable by traditional signature-based security approaches. 94% of all malware and potentially unwanted application executables were only seen once.

Ransomware also continued its domination, with the Locky ransomware remaining king. The FBI estimated that ransomware attackers would rake in more than $1 billion in ransoms in 2016, and Webroot expects this trend to continue through 2017.

More than half of new and mobile apps were malicious or suspicious, according to Webroot. This accounts for more than 10 million – a huge increase from the two million in 2015. The company expects Android’s growing popularity will be a breeding ground for adware.

Trojans are the most popular mobile app threat, accounting for a 60% share.

In 2016, 33 million unique malicious IP addresses appeared on Webroot’s blacklist, an increase from 2015. Attackers are also changing IP addresses to avoid detection: more than 88% of the top 10,000 malicious IP addresses used in attacks showed up only once.

“It’s clear that relying on threat lists, virus signatures, and simplistic rules for protection is wholly insufficient against a threat landscape that is constantly evolving. Proven, real-time machine learning-based analysis that includes an understanding of threat behavior and context is necessary for accurate decision making and protection from today’s threats,” Lonas concludes.
