What Is The Top Phishing Day Of The Week? And Why?


On October 8, 2012, Websense reported on their July-August 2012 research. They said: "A disturbing new twist on targeted attacks has started to emerge this year that directly affects professionally managed networks. If we look at the days of the week when most phishing emails are sent, we notice a huge uptick in volume on Fridays, Sundays and Mondays.

Most phishing emails are sent on Fridays, followed by Monday and Sunday. The bad guys have learned that they can evade email security measures by sending an email with a clean link on Friday or over the weekend – bypassing email URL scanning. Then, over the weekend they compromise the URL with malicious code. The top phishing days of the week (percentage) are:

Friday (38.5%)

Monday (30%)

Sunday (10.9%)

Thursday (6.5%)

Tuesday (5.8%)

Wednesday (5.2%)

Saturday (3.2%)

A typical attack of this type would have the bad guy doing the following:

  1) Find a URL that can be easily compromised… but do nothing at that time. Leave it ‘as is’ for now.

  2) Craft an email that will not trigger spam, AV or other security measures based on its content, but include links to the currently ‘safe’ URL. Since they typically pretend to be something legitimate, it is best to simply copy a legitimate message… and only change one link to the ‘safe’ URL.

  3) Send the email over the weekend, or late at night, so email defenses will approve the email and deliver it into the user’s mailbox.

  4) Just before you believe employees will begin accessing email, compromise the URL and install that part of the attack strategy.

Evasion techniques like these help when hackers are going for big game: spear-phishing employees with access to a specific network or data, or whale phishing, the targeting of executives at companies. That is why it is very important to have all employees get high-quality security awareness training.
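Because the link is clean when the message is scanned at delivery, a defender has to look at it again before users open their mail. The following is an added example, not code from Websense or from this blog: it re-checks the URLs of already delivered messages and prioritises those delivered on weekends or at night. The log format, the fingerprint values, the 08:00-18:00 business hours and all names are assumptions.

```python
from datetime import datetime

# Constructed delivery log: (message id, URL, delivery time, page fingerprint
# recorded by the delivery-time scan). Hosts use the reserved .test TLD.
DELIVERED = [
    ("m1", "http://portal.example.test/invoice", "2012-08-03T23:40", "a1"),  # Fri night
    ("m2", "http://news.example.test/weekly", "2012-08-01T10:15", "b2"),     # Wed morning
    ("m3", "http://hr.example.test/form", "2012-08-05T14:05", "c3"),         # Sunday
    ("m4", "http://docs.example.test/guide", "2012-08-04T09:00", "d4"),      # Saturday
]

# Constructed rescan results taken Monday before business hours:
# URL -> (current fingerprint, current scanner verdict).
RESCAN = {
    "http://portal.example.test/invoice": ("f9", "malicious"),
    "http://news.example.test/weekly": ("b7", "clean"),
    "http://hr.example.test/form": ("c8", "clean"),
    "http://docs.example.test/guide": ("d4", "clean"),
}

def off_hours(delivered_at):
    """True for weekend delivery or delivery outside 08:00-18:00 (assumed hours)."""
    ts = datetime.fromisoformat(delivered_at)
    return ts.weekday() >= 5 or not 8 <= ts.hour < 18

def rescan_findings(delivered, rescan):
    """Compare delivery-time state with the rescan and return actions per message."""
    findings = []
    for msg_id, url, delivered_at, fp_at_delivery in delivered:
        # A URL that could not be rescanned counts as changed, not as safe.
        fp_now, verdict = rescan.get(url, (None, "unknown"))
        if verdict == "malicious":
            # Clean at delivery, malicious now: pull it from the mailbox.
            findings.append((msg_id, url, "quarantine"))
        elif fp_now != fp_at_delivery and off_hours(delivered_at):
            # Page changed after an off-hours delivery but is not flagged yet.
            findings.append((msg_id, url, "review"))
    return findings

if __name__ == "__main__":
    for finding in rescan_findings(DELIVERED, RESCAN):
        print(finding)
```

A page that changed after a business-hours delivery (m2) is not flagged here, since legitimate pages change often; tighten that rule if your mail volume allows it.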

There is more at the Websense website.
