• Kaspersky Lab anti-phishing system prevented more than 137 million attempts to visit fraudulent web-pages in the third quarter of 2018.
• It exceeds the number in Q2 by 27.5%, demonstrating the fast growth in phishing attacks. This and other findings were documented in Kaspersky Lab’s ‘Spam and phishing in Q3 2018’ report.
Phishing is often considered to be one of the trickiest types of cyberattacks, since it is based on social engineering techniques and can go unnoticed. In most cases, fraudsters create a replica of a trustworthy landing page, enticing a victim to enter their credentials along with any other valuable information or pay for non-existing services. The consequences of such attacks may vary from a loss of money to the compromising of whole entities, where employees have not been attentive enough and provided fraudsters with credentials to access the system.
All in all, 137,382,124 attempts to visit phishing websites were detected, which is more than half of the figure recorded in the whole 2017. Fast growth of phishing attacks is a continuation of a trend set earlier this year, as there has been an increase in phishing attacks in every quarter of 2018.
Organisations hit by phishing in Q3 2018
The financial segment was hit especially hard: more than a third of all the phishing attacks were aimed at banks, payment systems and e-commerce. This activity is a further development of a Q2 trend, when the figure was over 20%.
The country with the highest percentage of users attacked in Q3 was Guatemala with almost 19%,surpassing the leader of a previous quarter – Brazil. This country saw the second highest percentage of users attacked with 18.6%. The third place was taken by Spain, with 17.5% of users subjected to phishing attacks.
“We’ve been witnessing a rise in the number of phishing attempts for a while now. Many factors influence such growth, like fraudsters’ ability to keep coming up with new schemes and tricks. They also borrow the ideas from foreign “colleagues” to use on local markets as means of communication, which further helps their technologies develop. For example, in Q3 they actively directed users to the fraudulent website with transmitters and scam-notifications, as well as by exploiting the new iPhone release as a news hook. As new technological and informational updates appear, phishers begin to exploit them,” said Nadezhda Demidova, security researcher at Kaspersky Lab.
Kaspersky Lab experts advise users to take the following measures to protect themselves from phishing :
- Always check the link address and the sender’s email if they are genuine before clicking anything. Even better, do not click the link, but type it into the browser’s address line instead to be sure that the name of link in the message doesn’t cover another hyperlink. If you are not sure that the website/sender is real and safe, never enter your credentials. If you think that you have probably entered your login and password on a fake page, immediately change your password!
- Only use a secure connection, especially when you visit sensitive websites. Do not use unknown or public Wi-Fi without password For maximum protection, use VPN solutions that encrypt your traffic, such as Kaspersky Secure Connection. If you are using an insecure connection, cybercriminals can unnoticeably redirect you to phishing pages.
- Use a proper security solution with behavior-based anti-phishing technologies, such as Kaspersky Security Cloud and Kaspersky Total Security, which will warn you if you are trying to visit the phishing web page.
Find more details about spam and phishing in Q3 2018 on : Securelist.com