Researchers at Kaspersky Lab have documented a drastic increase in the number of web users who have been “subjected” to phishing attacks over the past year, according to a new report.
The Moscow-headquartered security firm found that 37.3 million people faced the prospect of being phished in 2012 to present day, an 87 percent increase over the same period between 2011 and 2012.
In its “The Evolution of Phishing Attacks” study, Kaspersky Lab studied threats faced by roughly 50 million customers running its security products.
For several years, Kaspersky researchers have been warning that phishing is the preferred method of online criminals to steal information and foist malware – almost always with the goal to profit – but the mechanisms to automate the process are becoming even more rapidly automated and commercialized with each passing year.
“The nature of phishing attacks is such that the simplest types can be launched without any major infrastructure investments or in-depth technological research,” the report said. “This situation has led to its own form of commercialization of these types of attacks, and phishing is now being almost industrialized, both by cyber criminals with professional technological skills and IT dilettantes.”
Phishing can be spread in various ways, with most attacks (89 percent) appearing in the browser, versus email (11 percent), the report states.
“Phishers use several different methods to trick their potential victims,” the report said. “In addition to the obvious need to create a detailed copy of a website that will be used to attack the victim, the criminals also prepare their cover story by using similar website URLs, replacing one or several characters in the name of the website, or using recognizable website names in the sub-domains.
“If the delivery channel for a phishing link is email or electronic documents (.doc, .odf, or others), malicious users will often resort to the hyperlink features typically available in most text editors and email clients,” the report added. “In this case, the text of the email or document will display the link to the real site, but the link will actually lead to the website created by the malicious users.”
As expected, popular brands like Google, Amazon and Facebook are common brands that are abused by phishing attacks, as well as banks and other financial institutions, according to the study. Most of the scams targeted users in Russia, the United States, India, Vietnam and the U.K.
Please be sure to monitor your personal information and be cautious of the sites you provide with your financial information. If you notice any fraudulent or suspicious activity on any of your First Financial accounts, contact us by calling 866.750.0100, e-mailing firstname.lastname@example.org or stopping into any one of our branches.
To protect yourself and your loved ones from identity theft, enroll in First Financial’s new ID Theft Protection products today! Our products provide you with a professional Recovery Advocate who will do the work on your behalf, based on a plan that you approve. Should you experience an Identity Theft incident, your Recovery Advocate will stick with you all along the way – and will be there for you until your good name is restored. First Financial’s ID Theft Protection products include features such as lost document replacement, credit bureau monitoring, score tracker, and more. For more details or to get started click here.
*Click here to view the article source.