As credential theft-focused phishing attacks continue to assist initial access brokers, new data shows banking fraud continues to be a material threat to individuals and businesses alike.
Behind every cyberattack is the motive to monetize the attack as quickly as possible. And one of the fastest ways is to simply obtain the victim's banking credentials. According to new data from cybersecurity vendor Fortra, the financial services sector was the most impersonated in Q4 of last year, representing 55% of all impersonated business sectors. That share is up just 3% from the previous quarter, and the financial services sector continues to provide threat actors with an easy means to trick victims into giving up direct access to their money, credit cards, lines of credit and more.
According to the report, the impersonation of businesses within the financial sector included national and regional banks, credit unions and other related businesses. The credential theft at the end of these attacks was primarily done at no cost to the attacker; according to Fortra, three-quarters of the phishing sites were staged through no-cost methods such as compromising an existing website or abusing a free web tool or service. In nearly 60% of the attacks, a legacy global top-level domain name (e.g., .com and .org) was used to add legitimacy to the attacks.
It's been shown that banking scams work very well, putting both individuals and businesses at financial risk – all it takes is the right set of banking credentials and the victim's accounts can be completely wiped out in a matter of minutes. And because these attacks all start with a phish, it's imperative that businesses enroll their users in continual Security Awareness Training to ensure they are kept updated on the latest phishing scams and social engineering tactics, so that the organization and its money stay secure.