Cybercriminals seem to be increasing their efforts in quantity, frequency, and obfuscation, according to the latest data from the international cybercrime coalition, the Anti-Phishing Working Group (APWG).
The APWG’s latest Phishing Activity Trends Report showcases some concerning trends in phishing attacks that organizations need to be aware of and respond to accordingly. These include:
- Increased Sites – this quarter, nearly 181K phishing sites were detected, a rise of 30% over last quarter
- Increased Encryption – 58% of phishing sites used encryption, a 26% increase
- Increased Targeted Brands – Nearly 1000 brands were targeted in Q1, a 13% increase
- Increased Focus on Web Applications – SaaS and Webmail applications took the number one spot as the most-targeted industry sector, representing 36% of all phishing attacks, a 21% increase
With the use of SaaS and webmail applications continually on the rise, it makes sense for cybercriminals to begin narrowing their focus on this lucrative – and, usually, far less secure, means by which to gain entrance into your organization.
These increases require responses from organizations that meet the attack methods toe-to-toe:
- Use of Web, DNS Scanning – solutions designed to take a look at where your users want to go on the web before they actually do will help to reduce their being presented with spoofed logon pages.
- Use of Decryption – larger organizations may want to look at using traffic decryption solutions that provide visibility into network traffic, allowing malicious content to be spotted before it impacts the organization.
- Use of Security Awareness Training – users need to be made aware of what current attack trends look like, what specific tactics the bad guys are using, how to spot an attack, and why they should care, all on a continual basis.
APWG’s data shows phishing is only getting started in 2019 and will continue to be a dominant tactic in cyberattacks. Organizations should shore up security efforts that counter the specific attack methods employed by cybercriminals to reduce the risk of successful attack.