Woburn, MA – February 22, 2017 – According to Kaspersky Lab’s analysis of the financial threat landscape, almost half of all phishing attacks (fraudulent email messages or copycat websites that appear legitimate) registered in 2016 by the company’s heuristic detection technologies were aimed at stealing victim’s money. Compared to 2015, the amount of financial phishing attacks increased by 13.14 percent in 2016 to comprise 47.48 percent of all phishing attacks blocked by heuristic detection technologies.
In 2016 Kaspersky Lab’s anti-phishing technologies detected almost 155 million user attempts to visit different kinds of phishing pages. Of those, almost half of heuristic detections were attempts to visit a financial phishing page, i.e. where the aim was to obtain valuable personal information from users — such as their account numbers for banking, credit accounts, social security numbers, and the login and passwords they use to access online banking. The cybercriminals intended to use this information to steal money from their victims. This is the highest share of financial phishing registered to date by Kaspersky Lab.
Banking phishing schemes are the absolute leaders among all types of financial phishing. Every fourth (25.76%) attack used fake online banking information, or other content related to banks – a result that is 8.31 percent higher than in 2015. The share of phishing related to payment systems and e-shops accounted for 11.55 percent and 10.14 percent respectively, an increase of 3.75 percent and 1.09 percent compared to 2015. The share of financial phishing detected on MacOS computers was 31.38 percent.
The distribution of different types of financial phishing in 2016
Financial phishers are particularly keen to use data related to top multi-national banks, popular payment systems and internet shops and auctions from the U.S., China and Brazil in their scams. The list of brands used stays the same from year to year, as their popularity remains high and they are therefore a lucrative target for cybercriminals.
“Financial phishing has always been one of the easiest ways for cybercriminals to earn illegal money,” said Nadezhda Demidova, senior web content analyst at Kaspersky Lab. “You don’t have to be a skilled programmer, and you don’t have to invest lots of money into supporting infrastructure. Of course, most phishing schemes are easy to recognize and avoid, but judging by what we see in our statistics, lots of people are still not cautious enough when it comes to dealing with financial data online. Otherwise, we wouldn’t have seen so many attacks in 2016.”
In order to protect themselves from phishing, Kaspersky Lab experts advise users to take the following measures:
To learn more about financial phishing and the other findings in the Financial Cyberthreats in 2016 report, read our blogpost on Securelist.com
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
Media Contacts:
Denise Bertrand
781.503.1836
denise.bertrand@kaspersky.com