Sharp Rise in Phishing Attacks against SaaS, Webmail Services
Phishing attacks against businesses offering SaaS (Software-as-a-service) and web-based email services have increased considerably in the first quarter of the current year, as per a recent report.
According to the Phishing Activity Trends Report released by APWG (Anti-Phishing Working Group) and focusing on the period between January and March 2019, cybercrime groups have shifted their attention from payment services to businesses offering SaaS and web-based email services. At the same time, there has been a considerable decrease in the volume of attacks against cloud storage and file hosting sites; from 11.3 percent it has dropped to around 2 percent.
It’s only natural for cybercriminals to target SaaS platforms and webmail services since they are becoming more and more popular. The rising popularity is because of the fact that these services are easy to use by anyone who has internet access and also because they provide online business solutions. It’s mostly through phishing attacks that such services are targeted. Experts point out that though many businesses today are concerned about targeted hacking and DDoS attacks, most organizations seem to be worried about phishing attacks the most.
The APWG report points out that 36 percent of all phishing attacks that took place in Q1 targeted SaaS and webmail services. The report states, “Phishing that targeted Software-as-a-Service (SaaS) and webmail services became the biggest category of phishing. At 36 percent of all phishing attacks, it eclipsed phishing against the payment services category for the first time.”
The report also points out that the total number of phishing websites detected by APWG in Q1 was up notably over Q3 and Q4 of 2018. Similarly, the number of phishing attacks hosted on Websites having HTTPS and SSL certificates also reached a new high. The report states, “The total number of phishing sites detected by APWG in 1Q was 180,768. That was up notably from the 138,328 seen in 4Q 2018, and from the 151,014 seen in 3Q 2018…The number of unique phishing reports submitted to APWG during 1Q 2019 was 112,393. These were phishing emails submitted to APWG, and exclude phishing URLs reported by APWG members directly into APWG’s eCrime eXchange.”
Through such phishing attacks, cybercriminals seek to steal sensitive data like geolocation, email addresses, credit card data, payment details, personal preferences of users etc.
Now, let’s discuss the relevance of the findings revealed by the report in the current context. On the one hand, the rise in phishing attacks targeting businesses offering SaaS and webmail services is notable. At the same time, it’s to be noted that hackers are increasingly using SSL/HTTPS-hosted websites (that are usually thought to be secure) for executing phishing attacks. The report also explains that of all phishing attacks, while 36 percent targeted SaaS/webmail services, 27 percent targeted payment solutions, 16 percent targeted financial institutions, 15 percent targeted other organizations and only 3 percent targeted eCommerce / Retail and Telecom. In this context, there are two things that need to be noted. On the one hand, it’s highly important that organizations go for the most advanced of security solutions and digital forensics to protect themselves and to identify/detect threats, attacks and the bad actors. On the other hand, they must also go for adopting a well-planned and legitimate security policy and at the same time train their employees to stay wary of phishing scams since clients’ data policy should also be of utmost importance for them.
APWG is a not-for-profit industry association comprising of over 2,000 enterprises worldwide and focused on eliminating identity theft and frauds that are caused by phishing, crimeware, and email spoofing.
Julia Sowells951 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.