Wednesday November 20, 2019
Home Lead Story Cyber-Crimina...

Cyber-Criminals Tend to Use Enterprise-Based Strategies for the Threat of Phishing

During the research period, with 6,035 domains, and 120 kit variations, high technology was the top industry targeted by phishing

0
//
Cyber-Criminals
This evolving method by Cyber-Criminals continues to morph into different techniques, one of which being business email compromise (BEC) attacks. Pixabay

Cyber-Criminals are using enterprise-based development and deployment strategies, such as phishing as a service (PaaS), to leverage some of the worlds largest tech brands, with 42.63 per cent of domains observed targeting Microsoft, PayPal, DHL, and Dropbox, a report from Cloud delivery network provider Akamai Technologies said on Monday.

The report also revealed that phishing is no longer just an email-based threat, but has expanded to include social media and mobile devices, creating a wide-reaching problem that touches all industries.

This evolving method continues to morph into different techniques, one of which being business email compromise (BEC) attacks.

According to the FBI, BEC attacks resulted in worldwide losses of more than $12 billion between October 2013 and May 2018.

“Phishing is a long-term problem that we expect will have adversaries continuously going after consumers and businesses alike until personalized awareness training programs and layered defense techniques are put in place,” said Martin McKeay, Editorial Director of the State of the Internet/Security report for Akamai.

The report found that Cyber-Criminals are targeting top global brands and their users across various industries through highly-organized and sophisticated phishing kit operations.

During the research period, with 6,035 domains, and 120 kit variations, high technology was the top industry targeted by phishing.

Following that, financial services, with 3,658 domains and 83 kit variants, was the second most-targeted industry. E-Commerce (1,979 domains, 19 kit variants) and media (650 domains, 19 kit variants) rounded out the list. In all, more than 60 global brands were targeted during the reporting period.

Cyber-Criminals
Cyber-Criminals are using enterprise-based development and deployment strategies, such as phishing as a service (PaaS), to leverage some of the worlds largest tech brands, with 42.63 per cent of domains observed targeting Microsoft, PayPal, DHL, and Dropbox. Pixabay

According to the report, Microsoft, PayPal, DHL, and Dropbox were the top targeted brands when it came to phishing, with Microsoft taking up 21.88 per cent of total domains (3,897 domains and 62 kit variants), PayPal taking up 9.37 per cent of total domains (14 kit variants), DHL (7 kit variants) taking up 8.79 per cent of total domains and Dropbox having 2.59 per cent (11 kit variants) of total domains.

Sixty per cent of the phishing kits observed were active for 20-days or less during the reporting period, which is becoming more common among phishing attacks.

ALSO READ: Pollution Levels in New Delhi Hit a Three-Year High

This short lifespan is likely why criminals continue to develop new evasion methods to keep their kits undetected. (IANS)

Next Story

Indian Cities Mumbai, New Delhi and Bengaluru face Majority of Cyber Attacks

As the digital footprint of India increases through capital intensive projects, hackers are targeting data and large scale disruption like never before

0
Cyber Attacks
Smart cities, financial services and transportation sectors lead the rankings in terms of Cyber Attacks. Pixabay

 There has been a 26 per cent increase in Cyber Attacks in India and Mumbai, New Delhi and Bengaluru together accounted for roughly 38 per cent of all attacks in the July-September period, a new report said on Wednesday.

The report prepared by Bengaluru-headquartered telecom solutions provider Subex identified over 3,500 modular malware samples in the country, registering a whopping 37 per cent increase.

Smart cities, financial services and transportation sectors lead the rankings in terms of cyber attacks, said the “State of Internet of Things (IoT) Security Report” for the third quarter (July-September period).

“As the digital footprint of India increases through capital intensive projects, hackers are targeting data and large scale disruption like never before,” said said Vinod Kumar, Managing Director and CEO, Subex.

“The increase in cyber attacks against the country and the strong geopolitical correlation indicate high levels of interest in targeting our critical infrastructure. Hackers are working to improve their ability to monetize cyber attacks,” he warned.

Malware of varying degrees of sophistication are being reported from a variety of deployments, including new projects surrounding renewable energy.

Most malware detected (36 per cent) could be traced to sources on the Dark Web while as much as 14 per cent of malware couldn’t be traced to a known source pointing to the arrival of new actors and malware shops on the scene,” the findings showed.

Cyber Attacks
There has been a 26 per cent increase in Cyber Attacks in India and Mumbai, New Delhi and Bengaluru together accounted for roughly 38 per cent of all attacks in the July-September period. Pixabay

The detection of malware connected with critical infrastructure projects has also registered an increase.

“This implies that hackers are targeting large scale disruption and are working to increase the cost associated with managing such projects as also negatively impact future investments in them,” the report added.

ALSO READ: Things You Need to Consider before Filling a Lawsuit

Independent hackers are increasingly feeling the need to monetize cyber attacks as the unit cost of malware has risen in the last quarter. Further, it is becoming increasingly difficult to source high-grade malware from multiple sources due to various factors, the report added. (IANS)