Blog

Phishing Attack Trends for 2019

Phishing Attack Trends for 2019

posted by: FraudWatch International date: May 31, 2019 category: All, Brand Protection, Phishing, Uncategorised comments: 0

Phishing Attacks impersonate organizations or businesses through phishing emails and fake websites. The criminals who engage in phishing attacks seek access to private and sensitive information, like login credentials, credit card details, and social security numbers. 

Every year, fraudsters get smarter and their techniques become more sophisticated. By constantly changing their tactics, they continue to find new victims. In this article, we’ll look at Phishing Attack Trends for 2019 and how to stay ahead of these threats.

Anticipated phishing attack trends for 2019

Although fraudsters change their tactics on a regular basis, FraudWatch International anticipates seeing several of the following trends this year:

  • HTTPS Encryption — Some phishing sites have begun using HTTPS encryption. In fact, there has been close to 900% increase in this type of attack since the end of 2016.
  • Mobile Phishing —Expect an increase in mobile phishing. Specifically, via text messages (SMS) sent to customers, where the content is only viewable on a mobile device.
  • Geographically Accessible Phishing — Targeting a specific audience in a geographic location is on the rise. For example, certain phishing attacks may only be viewable on a mobile device in New Zealand, and only on certain networks.
  • New Hosting Providers — Hackers are using new hosting providers to determine which ones host their pages for longer.
  • Abundant Folders — To increase the time the page is active, criminals will also use numerous folders containing the phishing pages. Since a new folder/URL will be loaded every time the page is accessed, this gives the criminals more time, and hundreds of ways to keep the phishing sites active for longer, thereby obtaining more victims.

Continued Use of Proven Attacks

In addition to the trends listed above, hackers will continue to use the following established methods in their phishing attacks: 

  • Social Media — Fake advertisements will continue to spread via Facebook and other social media platforms. These links might open to phishing pages, or they might also load malware onto browsers or computers.
  • Messaging Platform Attacks — There will be continued use of messaging platforms, like WhatsApp, for malicious activity. For example, phishers might post a survey, promising the person a chance to win a prize. However, the contest entry cannot be submitted without forwarding the message to 20 WhatsApp contacts. The forwarded message also contains a malicious link, which ensures the attack spreads quickly. 
  • Malicious Sub-domains — Hackers create sub-domains that impersonate real websites. Not too long ago, hackers spoofed a major airline’s website with a malicious mobile-only subdomain. Since the subdomain was only viewable via mobile devices, browsers didn’t display the full URL. As a result, the subdomain tricked customers into believing they were visiting the airline’s legitimate mobile site.

Criminals will also continue to utilize tricks like, Fake 404 or Account Suspended pages, free hosting pages, as well as malicious domains registered using stolen credit card credentials.

The most prevalent phishing attacks are the ones that are difficult to replicate. These tend to stay active the longest because hosting providers have difficulty replicating them. As a result, they require more investigation and this keeps the attacks active for longer. 

A new attack is one that blocks certain operating systems. For example, Fraudwatch International discovered a phishing kit that blocked Android devices content, but allowed the same content on iOS devices. FraudWatch was able to analyze the phishing kit and explain to the hosting provider how to view the content.

Should we suspect an increase or decrease in phishing attacks? 

Phishing attacks have been increasing for many years. Cyber criminals may change the target of their attacks, however, there are no signs of these types of attacks decreasing.

Does FraudWatch anticipate new forms of phishing attacks? 

According to FraudWatch’s Threat Intelligence Analysts – the answer is YES. As stated above, criminals change their methods as new technologies and solutions develop. In Brazil, criminals have infiltrated a major banking organization’s boleto payment system. Currently, boletos are the preferred cash payment method in Brazil. These can either be printed, or be used as virtual vouchers that let Brazilians pay bills in 40,000 processing locations. Each boleto contains unique payment details (bar codes and serial numbers) along with other details (transaction amount, issuing bank code, customer information, description, and expiration date). Using stolen or fake boletos, criminals make a digital purchase, defrauding the rightful owner of the boleto’s cash value. In another instance, fraudsters lure victims while shopping on the websites of well-known retailers by advertising available discounts for those using boleto as a payment method. When the victim goes to complete their transaction and selects boleto as the preferred payment method, they are not actually completing a transaction for the product(s) they are intending to purchase. Instead, they are unknowingly providing access information to their boleto. 

In this case, hackers have embraced this new payment system to their criminal advantage. In the same way, expect criminals to continually change their methods to keep pace with emerging technologies. 

The importance of awareness about phishing attacks

For the average business and its employees, recognizing an attack is often the first step in prevention. By keeping pace with the attackers, businesses can better protect themselves and their brands, as well as their employees, and their clients. 

Another main reason to be aware of phishing attacks, is the need for phishing protection to evolve along with the phishing attacks. In order to stay current, cyber security companies should work to continually evolve detection methods. If existing systems or staff can’t detect specific attacks, the solution experts should evolve their technology to better identify attacks, and take them down as soon as possible. It is also extremely important to keep up with new trends and understand the risks facing both the businesses and their clients. 

Major ways that phishing impacts businesses

Every day, phishing attacks impact business in a number of ways. First of all, these attacks lead to lost revenue. Specifically, customers become frustrated and lose trust if an organization (like a financial institution) doesn’t address security issues in a timely manner. Along with damage to a business’ reputation, the financial impact and damage can be huge. What’s more, recovering from an attack may take months or even years.

How can organizations be better prepared for these types of attacks?

A major step in being prepared is understanding how these attacks can effect businesses. Security awareness is also extremely important, so that staff understand these attacks and can be more vigilant when performing daily tasks. Increasing cybersecurity awareness in your organization, can result in an improvement in malicious content awareness, and help keep employees up-to-date with the latest attack trends. Moreover, having digital brand protection in place is a crucial step in prevention. 

How does FraudWatch International combat phishing attacks?

Overall, FraudWatch International combats these attacks by removing the content affecting clients. In general, FraudWatch stays ahead of these attacks with a team of real people who investigate every attack. Our Security Operators work around the clock – monitoring, detecting, and analyzing phishing attacks. In addition to proactively monitoring for phishing activity, Fraudwatch International takes down offending content by working with a worldwide network of providers.

In one instance, we reported to clients that bank accounts were being used by criminals to launder money. Consequently, the banks actually closed the accounts and investigated the people responsible for the attacks.

Our Threat Intelligence Analysts monitor cyberspaces, where criminals congregate to gather intelligence on what they are planning, and communicate with the criminals to better understand how the attacks work and what the next attack might be. 

FraudWatch International: Protecting Your Brand and Your Clients

FraudWatch International focuses on disrupting phishing attacks by finding and removing malicious sites. Since 2003, FraudWatch has taken down hundreds of thousands of phishing sites. As Anti-Phishing specialists, Anti-Phishing protection and solutions are the core of our business. We are industry leaders with the fastest takedown rates. Contact us today to learn more.

Comments are closed.