According to the latest research from RSA, attacks intent on committing financial fraud most frequently begin with tried and true phishing.
Financial fraud is a lucrative business for cybercriminals. Running the gambit from targeting banks directly to social engineering used to giving up online credentials or a credit card, there are a myriad of ways to take advantage of the unwitting. No matter the method, financial fraud attacks need to start with manipulating an individual somehow.
RSA’s just-released Q3 Fraud Report shows a 70% rise in phishing attack volume making phishing the number 1 attack method for financial fraud attacks. This increase highlights the simplicity and effectiveness of phishing (via email, phone call or SMS text, according to the report). The work necessary to fool an individual – given the ability for attackers to hit millions of email recipients at once – is minimal when compared to the financial take on the other end of the scam.
Some interesting details in the report include:
- Canada, the United States, and Netherlands topped the list of targeted countries
- 1 in 9 attacks targeted Latin America
- The United States hosted 48% of the attacks last quarter
- Mobile Browser-based attacks increased 16% over last quarter
Cybercriminals have their sights firmly set on attacks that yield the most revenue for their organization. Financial Fraud represents one of the clear paths to pulling in sizable sums each quarter. Phishing remains at the epicenter of scams, providing the easiest means to connect cybercriminals with users with their defenses down, willing to participate in the scam.
Here is an infographic that shows traditional crime vs cybercrime:
Users today need to understand the proliferation, sophistication, and wide range of attacks possible through Security Awareness Training. It’s through continual training and testing that users will begin to take on a mindset that keeps their guard up when interacting with the web or email – across any device being used, whether it’s personal or work-related, and regardless of whether the scam is brand new or well-known.
As long as cybercriminals can find ways to successfully commit financial fraud, you should expect phishing attacks to continue. The most effective way to continually protect you organization against these types of attacks is through Security Awareness Training.