
Plenty more phish in the sea: 1.4 million of them each month, says Webroot

25 Sep 17

Every month, 1.385 million unique phishing sites are being created to catch unsuspecting users, and they are becoming more targeted, sophisticated, harder to spot and harder to avoid, according to data released by Webroot last week.

The company’s Quarterly Threat Trends Report shows that phishing activity peaked in May of this year, when 2.3 million phishing sites were created. On average, more than 46,000 new sites are created per day.

Most attacks last between four and eight hours – short enough to evade detection by traditional anti-phishing methods such as block lists. Block lists may be updated on an hourly basis, but it can take three to five days before they’re made available. That means there’s a large window for attacks, Webroot says.

“Today’s phishing attacks are incredibly sophisticated, with hackers obfuscating malicious URLs, using psychology, and information gleaned from reconnaissance to get you to click on a link. Even savvy cybersecurity professionals can fall prey. Instead of blaming the victim, the industry needs to embrace a combination of user education and organisational protection with real-time intelligence to stay ahead of the ever-changing threat landscape,” comments Webroot’s CTO, Hal Lonas.

Attackers are also changing up their impersonation tactics when carrying out phishing attempts. 35% of phishing attacks attempt to impersonate Google as a company.

13% impersonate Dropbox, 10% impersonate PayPal, 7% impersonate Facebook and 6% impersonate Apple.

Closer to home, Australia and New Zealand have been the targets of a number of phishing attacks impersonating the likes of AusPost, AFP, Origin Energy, E-Toll, banks, telecommunications providers and the Australian Tax Office.

“Australia and New Zealand continue to be a hotbed for phishing attacks. With the personalisation and sophistication used by cybercriminals, it’s even difficult for hardened security professionals to determine which emails are safe or infected. We need a combination of user education and a business-wide solution to keep phishing attacks at bay,” comments Webroot Australia's senior information security analyst Dan Slattery.

The Quarterly Threat Trends Report also found that between 2% and 4% of all new files are either malware or potentially unwanted applications (PUAs).

The number of PUAs has dropped to 2.2% over the last year, which indicates that organisations have focused their efforts on detecting and stopping PUA use. As a result, attackers are not using these methods as much.

“The drop in the percentage of PUAs among new files is somewhat offset by the simultaneous increase in the total number of new files (benign, malware, and PUAs) being seen each year,” the report also adds.
