Phishing Attacks Increased by 59 Percent in 2017: Kaspersky Report
Phishing attacks have increased by 59 percent in 2017, compared to the figure in 2016, according to a report published by Kaspersky Lab. The ‘Spam and Phishing in 2017‘ report by the Kaspersky Lab also points out that this increase in phishing attacks has happened during a time span when there has been a decrease in the average amount of spam.
A Kaspersky press release based on the report says- “Overall, the average amount of spam in 2017 decreased to 56.63 percent, which is 1.68 percent less than in 2016. At the same time, the number of phishing attacks increased – the Kaspersky Lab Anti-Phishing system was triggered 246,231,645 times on the computers of Kaspersky Lab users, which is 59 percent higher than in 2016.”
As per the report, the trend followed globally by criminals mostly included the usage of “hot topics”, like FIFA 2018 or Bitcoin, to lure users into opening phishing emails so that criminals can get away with their money or personal information. The spammers monitor global issues and major events and then they try to capture and capitalize on the victims’ attention. These tactics are proving to be highly effective, especially because of the decreased attention and the increased unconditional trust that users today seem to have. Hence they readily follow false instructions and the spammers manage to cheat them easily.
The trend was visible when, in 2017, the world was preparing for FIFA 2018 and spammers kept on sending emails with fraudulent messages and including the official FIFA logo, information regarding organizers etc and notifying them of lottery wins or promising them free tickets. The users are easily tempted to open the attachments or click on the links that come with the phishing emails, thereby making things very easy for the spammers.
Spammers also saw Bitcoin as a favorite spam and phishing topic in 2017, especially since Bitcoin’s price was drastically rising. The spammers come up either with websites that look like cryptocurrency exchanges or with services (fake) that seem to offer cloud-mining. At the same time, the cyber criminals have also been using Bitcoin as bait in the traditional fraud schemes, like fake lottery winnings for instance. They also offer for purchase, in addition to the targeted address databases advertised through spam, databases with emails for cryptocurrency users, along with tempting promises, of great opportunities. The criminals were also distributing malware using spam emails which seemed to contain instructions for cryptocurrency trading or having utilities for earning Bitcoins.
The Kaspersky press release says- “Kaspersky Lab researchers have previously recorded a growth in blockchain-themed tricks in the third quarter of 2017. By the end of the year, an extensive arsenal of spammer tools was noted.”
The Kaspersky Lab report also highlights the other important trends and statistics in 2017. The report says that the U.S. was the most popular source of spam (13.21%), followed by Chima (11.25 percent), Vietnam (9.85 percent), India, Germany, Russia, Brazil, France and Italy. Germany was the country that was most targeted by malicious emails; other countries that were most targeted include China, Russia, Japan, UK, Italy, Brazil, Vietnam, France and UAE. Brazil had the largest percentage of users (29.02%) affected by phishing attacks.
The Kaspersky press release also includes a statement by Kaspersky Lab spam analyst expert Darya Gudkova, who says- “In 2017 we saw a slight decrease in spam activities, but throughout the year, spammers haven’t missed any reason to steal users’ personal information, keeping their eyes on what’s happening in the world. As sports events such as the upcoming FIFA World Cup and others take place, their activity will only increase. Moreover, in 2018 we expect further development and growth of cryptocurrency-related spam and phishing – with more cryptocurrency diversity besides Bitcoin, which was widely used in the previous year, and with ‘pump and dump’ schemes.”
Kevin Jones250 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others. He holds prestigious certifications like OSWP, OSCP, ITIL. His goals in life are simple - to finish her maiden business venture on Cybersecurity, and then to keep writing books for as long as possibly can and never miss a flight that makes the news.