Every month, 1.385 million unique phishing sites are being created to catch unsuspecting users and they are becoming more targeted, sophisticated, harder to spot and harder to avoid, according to data released from Webroot last week.
The company’s Quarterly Threat Trends Report shows that phishing activity peaked in May of this year, when 2.3 million phishing sites were created. On average, more than 46,000 new sites are created per day.
Most attacks last between four to eight hours – short enough to evade detection from traditional anti-phishing methods such as block lists. Block lists may be updated on an hourly basis, but it can take three to five days before they’re made available. That means there’s a large window for attacks, Webroot says.
“Today’s phishing attacks are incredibly sophisticated, with hackers obfuscating malicious URLs, using psychology, and information gleaned from reconnaissance to get you to click on a link. Even savvy cybersecurity professionals can fall prey. Instead of blaming the victim, the industry needs to embrace a combination of user education and organisational protection with real-time intelligence to stay ahead of the ever-changing threat landscape,” comments Webroot’s CTO, Hal Lonas.
Attackers are also changing up their impersonation tactics when carrying out phishing attempts. 35% of phishing attacks attempt to impersonate Google as a company.
13% impersonate Dropbox, 10% impersonate PayPal, 7% impersonate Facebook and 6% impersonate Apple.
Closer to home, Australia and New Zealand have been the targets of a number of phishing attacks on the likes of AusPost, AFP, Origin Energy, E-Toll, Banks, telecommunications providers and the Australian Tax Office.
“Australia and New Zealand continue to be a hotbed for phishing attacks. With the personalisation and sophistication used by cybercriminals, it’s even difficult for hardened security professionals to determine which emails are safe or infected. We need a combination of user education and a business-wide solution to keep phishing attacks at bay,” comments Webroot Australia's senior information security analyst Dan Slattery.
The Quarterly Threat Trends report also found that between 2-4% of all new files are either malware or potentially unwanted applications (PUAs).
The number of PUAs has dropped to 2.2% over the last year, it indicates that organisations have focused their efforts to detect and stop PUA use. As a result, attackers are not using these methods as much.
“The drop in the percentage of PUAs among new files is somewhat offset by the simultaneous increase in the total number of new files (benign, malware, and PUAs) being seen each year,” the report also adds.