Internet Scammers Use Targeted Phishing Attacks More Often

During the past twelve months, 37.3 million Internet users around the world have experienced a phishing attack. This is 87 percent more than in the same period a year earlier.

The online customer service systems of banks and financial institutions are still the most attractive for fraudsters' attacks, however, more and more attacks are targeted at persons using online auctions or social networks.

According to experts of the consulting company Deloitte, the weak link allowing this type of crime is the users themselves, their bad habits, and weaknesses.

Phishing is a type of fraud that involves stealing personal data or other data (eg financial) using copies of a website (postal service, online bank, social network) of a trusted institution. An unsuspecting user enters his username and password or data from a credit card, and this information falls into the hands of criminals.

Interestingly, the essence of phishing has not changed since the beginning of this phenomenon. Only the methods used by fraudsters are becoming more sophisticated, and attacks are increasingly directed at smartphone owners and users of mobile applications.

This is confirmed by the results of a study by Kaspersky Lab. Over the past twelve months, fraudsters attacked an average of 102 thousand people per day, which is twice as much as in the same period a year earlier. Attempts to deceive most often took place in Russia, the USA, India, Vietnam, and the UK. Most of the servers hosting phishing sites were registered in the US, UK, Germany, Russia, and India.

In recent years, spear phishing of a personal nature has become increasingly popular. Although the main target of fraudsters is still clients of financial institutions (20% of the total number of phishing crimes), users of trading services (for example, auctions), as well as those services that collect valuable data: personal, professional, are no less susceptible to attacks. health and special interests. This is evidenced by the many attacks that target PayPal, Facebook, LinkedIn, or Twitter users.

Unfortunately, companies and their customers are all too often mistaken about the effectiveness of their security measures. Two-component authentication, SMS codes, scratch cards, and an encrypted connection, according to users, are enough to protect themselves from attack.

But more often phishing scammers "burn out" on the low quality of the content of messages and false pages. Despite the noticeable improvement in the appearance of imitated sites, the content of messages still resembles the effect of an automatic translation from Russian - through English - into Russian.

Find the best antivirus software to protect against phishing scammer

However, it turns out that this is not an obstacle in the implementation of attacks. Consumers often only need to provide simple information (eg job title, last name of a friend, city of residence) to convince themselves of the "authenticity" of the message.

Users post this data on social networking sites such as Facebook or LinkedIn, and incorrect privacy settings open up a lot of fantasy for intruders.