A sophisticated cyber-operation code-named Dark Tequila has been targeting users mainly in Latin America and in particular Mexico, for at least the last five years, stealing bank credentials, personal and corporate data with malware that can move laterally through the victim computer while offline.Read More >
In 2017 Kaspersky Lab’s anti-phishing technologies detected over 246 million user attempts to visit different kinds of phishing pages. Of those, over 53% were attempts to visit a financial-related website – 6 percentage points higher compared to data from 2016. This is the first time since recording phishing attempts that figures have reached over 50%, according to analysis of the financial threat landscape by Kaspersky Lab.
Financial phishing attacks are fraudulent messages which link to copycat websites that appear legitimate. They aim to gain users’ credentials for banking and credit accounts, and data to access online banking or money transfer accounts – all for the purpose of stealing the victims’ money afterwards. With 53% of phishing attacks taking this form, more than every second attack across the world is looking to steal a victims’ money.
In 2017 the share of all financial phishing categories – attacks against banks, payment systems and e-shops – grew by 1.2, 4.3, and 0.8 percentage points respectively and made up the top 3 categories in overall phishing attacks detected – for the first time.
The distribution of different types of financial phishing detected by Kaspersky Lab in 2017
Moreover, attacks related to the global internet portal category – which includes global search engines, social networks, etc. – fell from the second place in 2016 to fourth position in 2017 with a decrease in share of more than 13 percentage points. This shows that criminals show less interest in stealing these types of accounts and are now focusing on accessing money directly.
The data also shows that Mac users are in increasing danger. Contrary to popular belief about the security of Mac devices, 31.38% of phishing attacks in 2016 against users of the platform were aimed at stealing financial data. The share peaked in 2017, reaching 55.6%.
“The increased focus of cyber criminals to conduct financial phishing attacks means users need to remain extra vigilant. To get to grips with our money, fraudsters are constantly looking for new methods and techniques to catch us out. We need to be just as much determined to not let them succeed, by constantly investing in cyber literacy,” said Nadezhda Demidova, lead web content analyst at Kaspersky Lab.
In order to protect themselves from phishing, Kaspersky Lab experts advise users to take the following measures:
- Always check the legitimacy of the website when paying online. This includes https connections and the domain name belonging to the organization that you think you are paying.
- Use a proven security solution with behavior-based anti-phishing technologies. This will make it possible to identify even the most recent phishing scams which haven’t yet been added to anti-phishing databases.
Other key findings in the report include:
- In 2017 the share of financial phishing increased from 47.5% to almost 54% of all phishing detections. This is an all-time high according to Kaspersky Lab statistics for financial phishing.
- More than every fourth attempt to load a phishing page blocked by Kaspersky Lab products is related to banking phishing.
- The share of phishing related to payment systems and e-shops accounted for around 16% and almost 11% accordingly, in 2017. This is slightly (by single percentage points) more than in 2016.
- The share of financial phishing encountered by Mac users grew nearly twice, accounting for approximately 56%.
- The number of users attacked with banking Trojans fell from 1,088,900 in 2016 to 767,072 in 2017, showing a decrease of 30%.
- 19% of users attacked with banking malware were corporate users.
- Users in Germany, Russia, China, India, Vietnam, Brazil and the US are those most often attacked by banking malware.
- Zbot is still the most widespread banking malware family (almost 33% of attacked users) being challenged by the Gozi family (27.8%).
Android banking malware:
- In 2017 the number of users that encountered Android banking malware decreased by almost 15% to reach 259,828 worldwide.
- Just three banking malware families accounted for attacks on the vast majority of users (over 70%).
- Russia, Australia and Turkmenistan are the countries with the highest percentage of users attacked by Android banking malware.
To learn more about financial phishing and the other findings in the Financial Cyberthreats in 2017 report, read our blogpost on Securelist.com
Related Articles Virus News
In the second quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented over 107 million attempts to visit phishing pages, of which 35.7% were related to financial services and targeting customers through fake banking or payment pages.Read More >
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analysing more than 150 malware families and their modifications circulating through 600,000 botnets around the world.Read More >