RiskFinancial CrimeFinancial Data Main Target in Phishing Attacks

Financial Data Main Target in Phishing Attacks

More than one in four (28.8%) of phishing attacks in 2014 were intended to steal financial data from users, according to Kaspersky Lab’s 2014 study.

The protection software vendor reports that while carrying out their scams, cybercriminals have shifted their focus from bank brands to payment systems and online shopping sites.

Phishing is a type of Internet fraud used by cybercriminals to lure users into providing their account logins, passwords and other personal information by creating fake web pages to imitate popular online resources.

The 2014 study found that cybercriminals used the names of well-known banks in 16.3% of attacks; in 2013, the level of bank phishing was 22.2%.

In the payment systems category, cybercriminals mostly targeted data belonging to users of Visa cards (31.02%), PayPal (30.03%) and American Express (24.6%). The names of well-known online shopping sites were used in 7.3% of attacks, against 6.5% in 2013.

Amazon remains the most commonly-attacked brand in the online shopping category – 31.7% of attacks in this category used phishing pages mentioning Amazon, although this is 29.41 percentage points less than in the previous year.

“The rise in financial phishing that we saw in the past has naturally drawn a response from the brands most frequently abused in phishing scams – they are beginning to tackle phishing distribution channels, especially email spam, more actively,” said Nadezhda Demidova, web content analyst at Kaspersky Lab. “That leads to a reduction in the levels of phishing that targets some of the larger brands.

“However, cybercriminals immediately responded by targeting new ‘markets’. For example, in 2014 we saw a large number of phishing scams based on websites that sell plane tickets. These are targets that used to be seen fairly infrequently in phishing scams.”

The 2014 study notes that modern phishing websites are getting more and more sophisticated, making them very hard for users to recognise. “That is why we recommend using an Internet security solution with an advanced anti-phishing technology in place,” the study authors add.

Related Articles

Why working in silos is a killer when battling financial crimes

Cyber Security & Fraud Why working in silos is a killer when battling financial crimes

2m Andrew Simpson
PSD2: dull name, but seismic effect

Clearing & Settlement PSD2: dull name, but seismic effect

4m Alex Kwiatkowski
Staying one step ahead: PSD2 and the future of fraud

Financial Crime Staying one step ahead: PSD2 and the future of fraud

5m Seth Ruden
8 predictions for treasury in 2018

Financial Crime 8 predictions for treasury in 2018

5m Bob Stark
FDIC sues 9 European banks over Libor

Banking FDIC sues 9 European banks over Libor

9m Victoria Beckett
Appreciating supply chain cyber risk

Cyber Security & Fraud Appreciating supply chain cyber risk

9m Peregrine Storrs-Fox
The death of the password: biometric banking

Automation The death of the password: biometric banking

9m Paul Sheldon Foote
The insecurity of fraud victims in the fight against cyber-assailants

Bank Relationships The insecurity of fraud victims in the fight against cyber-assailants

9m Keiron Dalton