The Anti-Phishing Working Group issued its Phishing Activity Trends Report for Q1 2018 that indicates there was a significant rise in unique phishing webpages found in the first couple of months of 2018 in comparison to Q4 of 2017. The report examines the phishing attacks and approaches employed starting January 1 to March 31, 2018.
In Q1, 263,538 unique phishing internet sites were found – a 46% growth from the 180,577 unique internet sites found in Q4 2017 and a 38% growth from the 190,942 internet sites discovered in Q3 2017. In January 2018, there were 60,887 different phishing internet sites found which was of equivalent level as with December 2017, though there was a significant rise in February (88,754) and another serious rise in March (113,897).
The volume of different phishing campaigns recorded by APWG clients stayed largely similar in January (89,250) and February (89,010) with a small slip in March (84,444). 235 brands had been misled in January, growing to 273 in February, and sliding to 238 in March.
APWG associate MarkMonitor examined the varied fields of industry that had been most intensely attacked by phishing campaigns. Its statistics show that online payment services ranked one in Q1 of 2018, having 39% of all documented phishing attacks. Attacks linked to SAAS and webmail service providers made up 18.7% of the total, next was financial establishments (14.2%) and file hosting and cloud storage companies having 11.3%.
As firms have transferred to HTTPS webpages, the phishers followed. Every quarter saw a significant surge in the amount of phishing internet sites that use HTTPS and protect the connection between the webpage and the browser. APWG member PhishLabs is tracking the usage of HTTPS on phishing internet sites and its statistics show 33% of all phishing internet sites were on HTTPS system in Q1 of 2018 compared to merely 10.5% in Q1 of 2017.
A lot of customers still feel that an internet site beginning with HTTPS indicates the webpage is reliable, when that is surely not the case. It simply implies that the connection between the webpage and the browser is secured. When the webpage is operated by a phisher, or if a legit internet site was hijacked, any details entered may be taken. A lot of phishers are buying their own domain names and are availing the free SSL certificates which are given to make their internet sites seem more authentic.
RiskIQ’s statistics tell us that the phishing URLs employed by phishers very closely suit TLD market share, with .com’s as the most extensively utilized TLD’s by phishers. 6,608 .coms of the 13,594 unique domain names were employed in phishing attacks in quarter 1 of 2018. Those domain names were extensively distributed among diverse domain registrars.
Brazilian cybersecurity agency Axur presented a listing of web-based attacks on persons and businesses in Brazil. The firm’s information reveal that scam internet sites were the foremost threat and were to blame for 9,061 of the 17,065 attacks in the first quarter of 2018. Next was social media fraud (4,209), mobile app frauds (1,840) and phishing incidents (1,816). 350 redirection URLs were discovered that routed visitors to exploit kits and phishing internet sites and 257 URLs were being employed to send malware.