Phishing Attacks REALLY Down?

Updated on October 10, 2022, by Xcitium

Phishing Attacks REALLY Down?

Are Phishing Attacks REALLY Down?

There is a recent study by the “Anti Phishing Working Group” (APWG) being widely reported that phishing attacks were down 20% in 2012.

When I first read about this I thought,
“They HAVE to be kidding!”

There is a flood of other stories that contradict such a finding, including numerous reports of high profile attacks. Last week, in fact, we learned that a Syrian group had a successful email phishing attack on White House staffers. A member of the “Syrian Electronic Army” (SEA), supporters of dictator Bashar al-Assad, proudly distributed screen prints of White House staffer Erin Lindsey’s Gmail account emails. Ms. Lindsey made the mistake of clicking on a link in a faux email from the SEA.

American Banker Magazine this week is reporting on a “spike” in email phishing that targets bank customers. I can testify that I get emails almost every day about my accounts at Banks I don’t use!

Yet, the APWG is a reputable group supported by many of the biggest names in Internet Security and corporate America. How can we reconcile this?

First, if there has been a decline in phishing attacks in 2012 it is the context of a dramatic rise in recent years. There is no standard metric, but there is every indication that email phishing scams have been booming. Even a 20% decline would leave a lot of phishing going on. Second, an important metric in the report is a decline in the number of compromised servers being used in phishing scams. The scammers seize control of a server hosting multiple domains and then create phishing pages for each domain.

In recent years that has been a significant decline in storage costs and processing power. Just last year my own internet host increased the available storage in my web site plan from 300gb to 1tb without increasing my plan cost. It was 30mb when I first started with them in 2003!

This has made it possible to host more domains per server. It is likely that a decline in the number of servers compromised does not translate to the same percentage of domains compromised. They may also be using compromised servers for other nasty purposes, such as spamming and botnets.

Even if the total volume of phishing is down as the AFWG report also asserts, there is every reason to believe that it is because they are becoming more targeted, more selective. There may be fewer mass mailings with low probabilities of success and more sophisticated attacks that actually victimize their targets. That would explain why the volume could be down but we are reading about more and more successful high profile attacks.

In support of my theory I found a report by the German Internet Security firm Eleven Research that found email spam declining in 2012 but the “threat level” increasing. That’s because email spam and phishing attacks have become far more target and much more dangerous. Drive by email, where the email entices the victim to click on a link and download malware, was 10% of all email span. This is an all-time high as a percentage of spam.

Eleven Research also asserts that a higher percentage of phishing is “spear phishing” than ever before. A spear phishing attack targets particular individuals and organizations, as opposed to mass mailings that count on a small percentage of a volume to be duped. Orchestrator’s of spear phishing attacks use internet sources including social media to learn about a victim and their colleagues to craft emails that appear convincingly legitimate.

I wouldn’t click on the link in an email from a South African barrister handling the estate of a possible relative. However, I just might for a webinar that my company is actually planning that appears to come from a co-worker.

Scammers have found social media a treasure trove of information to use in targeted attacks, and they are becoming more sophisticated. SpiderLabs, the penetration testing division of the security firm TrustWave, has unveiled a tool that analyzes an individual’s Twitter content and can assist in creating writing that appears to come from that individual. It coaches the actual writer on the style and content that would be expected from the purported author. There are indications that such tools are already in use by hackers.

Regardless of the volume of attacks, Eleven Research has it right. The threat level is increasing!

See our Unified Zero Trust (UZT) Platform in Action
Request Demo

Protect Against Zero-Day Threats
from Endpoints to Cloud Workloads

Product of the Year 2025
Newsletter Signup

Please give us a star rating based on your experience.

3 votes, average: 2.33 out of 53 votes, average: 2.33 out of 53 votes, average: 2.33 out of 53 votes, average: 2.33 out of 53 votes, average: 2.33 out of 5 (3 votes, average: 2.33 out of 5, rated)Xcitium ratingLoading...
Expand Your Knowledge
Cyberattacks
Schools Are Facing Greater Cybersecurity Threats: How to Build Resilience Against Attacks

Schools are under siege from increasingly sophisticated cyberattacks, targeting vulnerable systems, ...

Top 4 Questions About Ransomware Answered
Top 4 Questions About Ransomware Answered

Wherever you are in society and whatever your job is, it’s very likely that you make use of comput...

how do you get ransomware
How Would You Get Ransomware?

One of the biggest cyber threats known to mankind today has got to be ransomware. But how do you ge...

Endpoint Device Security Tools
8 Essentials Features Of Endpoint Device Security Tools

8 Essentials Features Of Endpoint Device Security Tools Endpoint device security is critical for ent...

How Ransomware Wannacry Works
What Vulnerability Did WannaCry Ransomware Exploit?

Computers rule our world today. We manage both our personal affairs and our public lives through the...

small business managed it services
IT Consulting Managed Services

Updating technologies means embracing change. In the age of AI (artificial intelligence) and ML (mac...

Endpoint Device Security Tools
New Xcitium Report Redefines Endpoint Protection

Xcitium, IT security firm provides new understanding and outlook on the current state of endpoint se...

Managed IT Services For Small Business - Commercial Growth & Protection
Managed IT Services Software By MSPs

IT infrastructures of the businesses no longer need few installations and limited maintenance. Hence...

Virus Vs Worm Vs Trojan – The Difference
Virus Vs Worm Vs Trojan – The Difference

Solution Most often, in the computer world, users often use the term virus to refer to a malicious c...

How Can Ransomware Spread?

Many years ago, in 1989, precisely—a seminar organized by the world health organization witnessed ...

Cyber Security
How to Implement a Zero Trust Security Model in Your Organization

In today’s rapidly evolving cybersecurity landscape, traditional perimeter-based security models a...

Why Endpoint Security Matters Risky To IT?

Most security groups work under the conviction that rapid remediation an episode levels with compell...