IT Security: Are Phishing Attacks REALLY Down?
A widely reported recent study by the “Anti Phishing Working Group” (APWG) says that phishing attacks were down 20% in 2012.
When I first read about this I thought,
“They HAVE to be kidding!”
There is a flood of other stories that contradict such a finding, including numerous reports of high-profile phishing attacks. Last week, in fact, we learned that a Syrian group had carried out successful email phishing attacks on White House staffers. A member of the “Syrian Electronic Army” (SEA), supporters of dictator Bashar al-Assad, proudly distributed screen prints of White House staffer Erin Lindsey’s Gmail account emails. Ms. Lindsey made the mistake of clicking on a link in a faux email from the SEA.
American Banker Magazine this week is reporting on a “spike” in email phishing that targets bank customers. I can testify that I get emails almost every day about my accounts at banks I don’t use!
Yet, the APWG is a reputable group supported by many of the biggest names in Internet Security and corporate America. How can we reconcile this?
Analysis of Phishing Attacks and Scams – IT Security
First, if there has been a decline in phishing attacks in 2012, it is in the context of a dramatic rise in recent years. There is no standard metric, but there is every indication that email phishing attacks and scams have been booming. Even a 20% decline would leave a lot of phishing attacks going on. Second, an important metric in the report is a decline in the number of compromised servers being used in phishing attacks and scams. The scammers seize control of a server hosting multiple domains and then create phishing attack pages for each domain.
In recent years there has been a significant decline in the cost of storage and processing power. Just last year my own internet host increased the available storage in my web site plan from 300GB to 1TB without increasing my plan cost. It was 30MB when I first started with them in 2003!
This has made it possible to host more domains per server. It is likely that a decline in the number of servers compromised does not translate to the same percentage of domains compromised. They may also be using compromised servers for other nasty purposes, such as spamming and botnets.
The Growing Threat of Targeted Phishing Attacks – IT Security
Even if the total volume of phishing attacks is down, as the APWG report also asserts, there is every reason to believe that it is because they are becoming more targeted and more selective. There may be fewer mass mailings with low probabilities of success and more sophisticated phishing attacks that actually victimize their targets. That would explain why the volume could be down but we are reading about more and more successful high-profile phishing attacks.
In support of my theory, I found a report by the German Internet Security firm Eleven Research that found email spam declining in 2012 but the “threat level” increasing. That’s because email spam and phishing attacks have become far more targeted and much more dangerous. Drive-by email, where the email entices the victim to click on a link and download malware, was 10% of all email spam. This is an all-time high percentage of spam.
Eleven Research also asserts that a higher percentage of phishing is “spear phishing” than ever before. A spear phishing attack targets particular individuals and organizations, as opposed to mass mailings that count on a small percentage of a large volume of recipients being duped. Orchestrators of spear phishing attacks use internet sources, including social media, to learn about a victim and their colleagues and craft emails that appear convincingly legitimate.
I wouldn’t click on the link in an email from a South African barrister handling the estate of a possible relative. However, I just might for a webinar that my company is actually planning that appears to come from a co-worker.
Scammers Using Social Media to Craft Sophisticated Phishing Attacks – IT Security
Scammers have found social media a treasure trove of information to use in targeted phishing attacks, and they are becoming more sophisticated. SpiderLabs, the penetration testing division of the security firm TrustWave, has unveiled a tool that analyzes an individual’s Twitter and can assist in creating writing that appears to come from that individual. It coaches the actual writer on the style and content the supposed author would use. There are indications that such tools are already in use by hackers.
Regardless of the volume of attacks, Eleven Research has it right. The threat level is increasing!