Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Phishing Attacks Rose by 30 Million in Q3 2018

    kaspersky-1

    Kaspersky Lab blocked 137 million phishing attempts in the third quarter of 2018, a 28 percent increase compared to Q2 2018. A report by the anti-virus company reveals that phishing attacks targeted 12% of Kaspersky’s customers around the world. More than a third of the attacks were directed at financial targets, including banks, electronic payment systems, and online stores.

    The report’s findings are consistent with a global increase in phishing over the past several years. Kaspersky Lab’s anti-phishing system blocked 154 million phishing attempts in 2016 and 246 million attempts in 2017. Both numbers have already been far surpassed in the first three quarters of 2018, with this year’s prevented attacks reaching well over 300 million.

    Kaspersky also highlighted several trends it observed during the quarter, including the way scammers are increasingly utilizing browser pop-ups. Pop-up phishing uses ambiguity about the source of a pop-up to trick victims who are visiting otherwise legitimate sites.

    “It is mainly deployed by websites that collaborate with various partner networks. With the aid of pop-up notifications, users are lured onto ‘partner’ sites, where they are prompted to enter, for example, personal data. The owners of the resource receive a reward for every user they process,” the report states. “By default, Chrome requests permission to enable notifications for each individual site, and so as to nudge the user into making an affirmative decision, the attackers state that the page cannot continue loading without a little click on the Allow button. The danger is that notifications can appear when the user is visiting a trusted resource.”

    Other schemes observed by Kaspersky included phony job applications, spoofed news websites, and Instagram verification scams. The report also notes an increase in sextortion emails that include real details about victims, including their names, passwords, and phone numbers.

    While technical defenses can stop some of these threats, social engineering attacks rely on human error and gullibility to bypass safeguards. Scammers are constantly honing their craft and coming up with new ways to manipulate people. One of the best ways an organization can defend against these methods is by providing new-school security awareness training for its employees.

    Educating employees on social engineering tactics will significantly improve the overall security of your organization by ensuring that employees have the knowledge to recognize new and sophisticated scams. Infosecurity Magazine has the story: https://www.infosecurity-magazine.com/news/phishing-attempts-soar-to-137/

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews