Financial-related attacks dominate phishing attempts in 2017
In 2017, anti-phishing technologies developed by Kaspersky Lab detected more than 246 million user attempts to visit phishing web pages.
Of these, 54 percent were attempts to visit fake financial web pages — compared with 47 percent in 2016. This marks the first time that financial phishing figures have exceeded 50 percent, the company said in a press release.
Financial phishing attacks are fraudulent messages that link to copycat websites that appear to be legitimate. The fraudsters aim to acquire a user's credentials for banking and credit accounts in order to steal the victim's money.
In 2017, attacks against banks, payment systems and e-commerce stores grew by 1.2, 4.3, and 0.8 percentage points, respectively and ranked as the top three categories in overall phishing attacks detected.
Attacks related to global search engines, social networks and the like fell 13 percent in 2017 cropping the category from the second place in 2016 to fourth place in 2017. This shows that criminals are now focused on gaining direct access to consumers' money, the release said.
The company also found that Mac users are in increasing danger. Contrary to popular belief about the security of Mac devices. In 2016, 31 percent of phishing attacks against Mac users aimed to steal financial data; in 2017 this share rose to 56 percent.
"The increased focus cybercriminals have on conducting financial phishing attacks means that users need to remain extra vigilant," Nadezhda Demidova, lead web content analyst at Kaspersky Lab, said in the release. "To get a hold of our money, fraudsters are constantly looking for new methods and techniques to trick us. We need to be just as determined to not let them succeed by constantly investing in cyberliteracy."
Other findings in the report include:
- Corporate users comprised 19 percent of those attacked with banking malware.
- Users in Germany, Russia, China, India, Vietnam, Brazil and the United States are the countries most often attacked by banking malware.