Phishing Attacks Up by Fourteen Percent, Most Attacks Occur Mid-week
September 26, 2017
According to a report from security company eSentire, security threats in the fraud and phishing-related categories increased by fourteen percent over the first quarter of 2017, while malicious code fell by around five percent. This trend is consistent with previous reporting; as target platforms become increasingly hardened, the most successful criminal activity involves attacks requiring user intervention. The highest volume of phishing attacks occurs mid-week, when users are available to click on malicious links distributed through email. Alternatively, most malicious code activity is detected on Mondays when computers are turned on after the weekend.
"It is highly probable that this trend occurs because malicious code and fraud-related attacks are relying on users' interaction (typically, by employees who occupy the workplace during the work week)," the report noted. "For example, when email is used as a delivery method, a user must at some point initiate the download, execute a payload attachment or enter credentials to a fraudulent web page. Likewise, by browsing the web, users are exposed to malicious redirect attempts pointing a web browser to infrastructure controlled by adversaries," it said.
As for targets, the financial sector is the largest targeted industry by volume. The technology and biotechnology industries have a greater number of overall attacks per active device due to dependence upon more overall devices exposed to external threats. The threat report observed that phishing attacks will continue to be a preferred attack vector over client-side exploitation. Phishing techniques have long been considered a reliable means of compromise. Costly development of exploits is not required when adversaries can simply lure a victim into clicking on a link or executing a malicious file. The report contends that phishing will continue its upward trend into Q3.
CalTech offers a full spectrum of cyber-threat protection services, specifically engineered for financial institutions. For more information, contact CalTech at 877-223-6401, or visit www.caltech.com.