sb-au logo
Story image

Webroot sheds light on the short, sharp lifecycle of phishing websites

12 Dec 2016

Phishing websites have shorter lifecycles than ever before, but their numbers becoming much more prevalent - and Google, Paypal, Yahoo and Apple are the main targets, according to new Quarterly Web Update findings from Webroot.

84% of phishing sites exist for less than 24 hours, and the average life cycle is less than 15 hours, the company found. However, an average of more than 400,000 phishing sites are cropping up each month, and most of those are hidden within unused domains.

Phishing sites are becoming much more cunning, playing on sophisticated techniques to get information from people and companies.

Webroot CTO Hal Lonas says phishing sites can even exist for as few as 15 minutes.

“In years past, these sites could endure for several weeks or months, giving organisations plenty of time to block the method of attack and prevent more victims from falling prey. Now, phishing sites appear and disappear in the span of a coffee break, leaving every organisation, no matter its size, at an immediate and serious risk from phishing attacks," Lonas says.

Webroot also found that old techniques that used static or crowdsourced blacklists of bad domains and URLs must now be abandoned. Additionally, all URLs must be checked each time they are requested because it takes only seconds for a genuine website to be compromised.

Google is also the most targeted 'high risk' organisation, with 21% of all phishing sites impersonating the company between January and September this year. Paypal, Yahoo and Apple were close behind.

Webroot says that cloud-based machine learning is the only way to prevent malware, ransomware, phishing and other cyber threats. These are able to keep not only keep up with the scale of attacks, but also attack methods, such as polymorphic behaviours.

The company says cloud-based machine learning also shows how millions of objects, including good and bad objects, communicate online.

"When it comes to finding the richest and most highly differentiated source of input for cloud-based machine learning driven security, nothing beats real-world endpoint and web sensor data. Organisations that incorporate real-world data from millions of endpoint sensors are better positioned to identify never-before-seen and zero-day threats the moment they emerge, anywhere in the world," Webroot concludes.

Link image
Webinar: Best practices for keeping your video chats secure
Video collaboration providers nowadays operate exclusively on a multi-tenant, public cloud - and security and privacy concerns have come into the spotlight. Here's how to secure your communications.More
Story image
McAfee finds vulnerabilities in 'temi' the videoconferencing robot
Temi is commonly used in environments including businesses, healthcare, retail, hospitality, and other environments including the home.More
Link image
Creating a lean business machine with automation and low-code
Forrester data indicates that process automation was a strategic initiative for many organizations before COVID and remains so after. Catch this webinar to learn more about automation.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
The SASE triangle: How a CASB protects managed apps
Enterprises that fail to adapt to the modern business world when it comes to security are likely to fall prey to data breaches and experience a host of other problems, writes Bitglass product marketing manager Will Houcheime.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More