Woburn, MA – February 28, 2018 – According to Kaspersky Lab anti-phishing technologies, in 2017 over 246 million user attempts to visit different kinds of phishing pages were detected, with 54 percent being attempts to visit a financial-related website vs. 47 percent in 2016. This analysis of the financial threat landscape marks the first time, since recording phishing attempts, that figures have reached over 50 percent.
Financial phishing attacks are fraudulent messages which link to copycat websites that appear legitimate. They aim to gain users’ credentials for banking and credit accounts, and data to access online banking or money transfer accounts – all for the purpose of stealing the victims’ money afterwards. With 54 percent of phishing attacks taking this form, more than every second attack across the world is looking to steal a victims’ money.
In 2017, the share of all financial phishing categories – attacks against banks, payment systems and e-shops – grew by 1.2, 4.3, and 0.8 percentage points respectively and made up the top three categories in overall phishing attacks detected – for the first time.
The distribution of different types of financial phishing detected by Kaspersky Lab in 2017
Moreover, attacks related to the global internet portal category – which includes global search engines, social networks, etc. – fell from the second place in 2016 to fourth position in 2017 with a decrease in share of more than 13 percentage points. This shows that criminals show less interest in stealing these types of accounts and are now focusing on accessing money directly.
The data also reveals that Mac users are in increasing danger. Contrary to popular belief about the security of Mac devices, 31 percent of phishing attacks in 2016 against users of the platform were aimed at stealing financial data. The share peaked in 2017, reaching 56 percent.
“The increased focus cybercriminals have on conducting financial phishing attacks means that users need to remain extra vigilant,” said Nadezhda Demidova, lead web content analyst at Kaspersky Lab. “To get a hold of our money, fraudsters are constantly looking for new methods and techniques to trick us. We need to be just as determined to not let them succeed by constantly investing in cyber literacy.”
In order to protect themselves from phishing, Kaspersky Lab experts advise users to take the following measures:
Other key findings in the report include:
Android banking malware:
To learn more about financial phishing and the other findings in the Financial Cyberthreats in 2017 report, read our blogpost on Securelist.com.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.