Financial Phishing on the Rise
Attacks on financial institutions may have fallen off from the first quarter of 2018, decreasing by 8.22%, but the financial sector still remains the criminal underworld’s preferred phishing hole. And a relatively new social engineering scam has taken its place alongside traditional phishing email: fraudulent cryptocurrency offers.
Kaspersky Lab’s report on spam and phishing for the second quarter of 2018 showed that 35.7% of observed attempts were against financial. Customers were targeted through fraudulent banking or payment services as criminals harvested such sensitive personal information as names, passwords, email addresses, phone numbers, credit card numbers, and PIN codes.
The quarter was a busy one, with some 107 million attempts tracked. 21.1% of the attacks targeted banks, 8.17% targeted e-shops, and 6.43% went after payment services. Nadezhda Demidova, lead content analyst at Kaspersky Lab, noted that the prevalence of such attacks reflects the fact that more people are using electronic transactions. Many of those users are unaware of their potential risks, which leaves them an attractive target for social engineering. Alongside traditional phishing, cyber criminals increasingly try to induce their victims to transfer cryptocurrency into a fraudulent wallet. These attempts often include offers of free distributions of cryptocurrencies, or they seek to exploit the allure surrounding the names of new initial coin offerings (ICO).
Kaspersky estimates that more than 2.3 million dollars have been stolen this way during the second quarter. Brazil topped the list of phishing attacks at 15.51%, followed by China and Georgia, both at 14.44%, Kirghizstan at 13.6%, and Russia at 13.27%. China was the largest producer of spam. The lesson to be drawn from this, of course, is that social engineering remains a leading form of criminal activity. Organizations would do well to inoculate their employees by stepping them through new-school security awareness training.
ARCGlobal Solution Solutions provide robust consumer and end user awareness training through www.arcgloballtd.com/ebook.