CONTINUE TO SITE »
or wait 15 seconds

News

More than half of phishing attacks target financial services

April 11, 2014

The Anti-Phishing Work Group has released its study of phishing attacks in the second half of 2013. The group found that of all phishing efforts, nearly one-third (32.9 percent) were directed at banks and another 17.5 targeted money-transfer services.

apwg phishing study graphic

"Phishing" is defined as the attempt to steal money, using electronic media such as websites and email to trick a victim into uploading malicious software onto a computer or divulging sensitive information that gives the attacker free access to the system. 

The Target breach began as a phishing expedition disguised as email communication from a vendor.

The APWG study yielded several major findings about phishing attacks:

  • There were at least 115,565 unique phishing attacks worldwide, nearly a 60 percent increase over the first half of 2013.

The number of times that the targets were attacked follows a long tail. PayPal was the most-targeted institution (24,580 attacks, or 21 percent of the total), followed by Taobao.com (19,290 attacks, or 16.7 percent). Half of the targets were attacked three or fewer times during the six-month period.

The phishing kits used by less sophisticated phishers tend to contain templates for popular targets. If a site is getting phished for the first time, it may have been targeted by a more sophisticated phisher, who had the skill and motivation to design and execute a new template.

  • Attacks occurred on 82,163 unique domain names, up from 53,685 domains in the first half of 2013. APWG believes that 22,831 were registered maliciously by phishers.

Of those 22,831 malicious domain registrations, 19,348 (85 percent) were registered to phish Chinese targets — services and sites in China that serve a primarily Chinese customer base. Chinese phishers have always preferred to register domains, relying upon hacked domains and compromised Web servers less often than phishers elsewhere. Their major targets included Taobao.com; the Industrial and Commercial Bank of China; China Central TV; ZheJiang Satellite TV; and Tencent, China’s most-used ISP.

  • The other 59,332 domains were almost all hacked or compromised on vulnerable Web hosting.

A specific tactic used by phishers continues to heavily impact our statistics. In this attack, a phisher breaks into a web server that hosts a large number of domains – a “shared virtual server.” Then he uploads one copy of his phishing content and updates the web server configuration to add that content to every hostname served by that server. Then all web sites on that server display the phishing pages. Instead of hacking sites one at a time, the phisher often infects hundreds of web sites at a time, depending on the server.

  • APWG counted 681 targeted institutions, down slightly from the 720 targeted institutions identified in the first half of 2013.

This is an unusual amount of “churn” or turnover, and shows phishers trying out new targets. They appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing.

The complete, detailed report is available for free download.

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
ParaScript intros verification solution for checks
Nymeo Federal Credit Union wins recognition as 1 of the best workplaces in Maryland
SEC accuses former ATM businessman Daryl Heller of funneling $185M from investors
Fifth Third named as top veteran friendly employer
DC AG sues Bitcoin ATM operator Athena Bitcoin for allegedly exploiting scam victims


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'