Phishing continued to be one of the major online threats throughout 2016. Webroot statistics show that 84% of phishing sites were online for less than 24 hours, with an average life cycle of less than 15 hours. These numbers show that phishing has become more sophisticated: such websites are crafted quickly and carefully, and they successfully obtain sensitive details from people and organizations.
Hal Lonas, Webroot’s CTO, says that their data shows that a phishing site can last for as little as 15 minutes, adding that:
In years past, these sites could endure for several weeks or months, giving organizations plenty of time to block the method of attack and prevent more victims from falling prey. Now, phishing sites appear and disappear in the span of a coffee break, leaving every organization, no matter its size, at an immediate and serious risk from phishing attacks.
Phishing Continues to Evolve
2016 has seen a serious uptick in phishing attempts, with 400,000 sites observed each month. The intensity of these attacks also shows that countermeasure tactics need to change. The use of static or crowdsourced blacklists of bad domains and URLs is no longer effective, as the average life of a phishing site is constantly decreasing.
As mentioned at the beginning, 84% of phishing sites last only a day. Furthermore, statistics show that the use of dedicated domains for phishing has disappeared. Users should therefore check URLs each time they are requested, because a page that was safe seconds ago may now be compromised.
Google, PayPal, Yahoo and Apple Targets of Phishing Attacks
Well-known, widely used services are often impersonated. Webroot found that Google is the company whose impersonation has the largest negative impact. Such companies are classed as high-risk organizations, with 21% of all phishing sites in the period January-September 2016 impersonating Google.
On top of everything, cybercriminals are tireless when it comes to developing new tactics and attack vectors, and phishing is no exception. Sensitive information is highly desirable, and the shift towards “malicious software and activities as a service” only makes things worse. To no one’s surprise, phishing has also shifted to “phishing-as-a-service”.
Another report, issued by Imperva’s Hacker Intelligence Initiative, shows in detail how a phishing-as-a-service store on the Russian black market offers a “complete solution for the beginner scammer”. Anyone can easily buy databases of emails, templates of phishing scams, and a back-end database to store stolen credentials.