Story image

Australia amongst top 10 for high-risk URLs – and most of those are for phishing

14 Feb 2017

Australia ranks in the top ten countries for hosting high-risk URLs – and more than 65% of those URLs are used for phishing purposes. Australia also ranks significantly for malware and spam threats.

Those are the statistics coming from Webroot’s Annual Threat Report, which found that for every new phishing URL impersonating a financial institution, there were more than seven impersonating tech companies.

This year the top three phishing targets were all global tech companies: Google, Yahoo and Apple.

This suggests it may now be easier to phish a technology account and because passwords are reused, they’re more valuable to hackers.

“The continued increase in sophistication and volume of phishing attacks, ransomware, and polymorphic malware mean we are at greater risk than ever from cybercriminals,” comments Hal Lonas, chief technology officer at Webroot.

The company also discovered that phishing attacks are getting shorter, with the longest site active for less than two days. 84% of all sites were active for less than 24 hours, and the shortest active site clocked in at 15 minutes.

In terms of malware trends, ‘polymorphism’ was the word of 2016, which describes each instance as unique and undetectable by traditional signature-based security approaches. 94% of all malware and potentially unwanted application executables were only seen once.

Ransomware also continued its domination, with the Locky ransomware remaining king.  The FBI estimated that ransomware attackers would rake in more than $1 billion in ransoms in 2016, and Webroot expects this trend to continue through 2017.

More than half of new and mobile apps were malicious or suspicious, according to Webroot. This accounts for more than 10 million – a huge increase from the two million in 2015. The company expects Android’s growing popularity will be a breeding ground for adware.

Trojans are the most popular mobile app threats, account for 60% share.

In 2016, 33 million unique malicious IP addresses appeared on Webroot’s blacklist, an increase from 2015. Attackers are also changing IP addresses to avoid detection, which is highlighted by statistics that showed more than 88% of the top 10,000 malicious IP addresses used in attacks showed up only once. 

“It’s clear that relying on threat lists, virus signatures, and simplistic rules for protection is wholly insufficient against a threat landscape that is constantly evolving. Proven, real-time machine learning-based analysis that includes an understanding of threat behavior and context is necessary for accurate decision making and protection from today’s threats,” Lonas concludes.

WhatsApp users warned to change voicemail PINs
Attackers are allegedly gaining access to users’ WhatsApp accounts by using the default voicemail PIN to access voice authentication codes.
Swiss Post asks public to hack its e-voting system
Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
Flashpoint signs on emt Distribution as APAC partner
"Key use cases that we see greatly benefiting the region are bolstering cybersecurity, combating insider threats, confronting fraud, and addressing supply chain risk, to name a few."
The attack surface: 2019's biggest security threat
As businesses expand, so does their attack surface – and that may be the biggest cybersecurity risk of them all, according to Aon’s 2019 Cyber Security Risk Report.
Opinion: Cybersecurity as a service answer to urgent change
Alan Calder believes a CSaaS model can enable a company to build a cyber resilience strategy in a coherent and consistent manner.
Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.