Businesses in EMEA are urged to remain vigilant as phishing attacks ramp up during the winter months.
F5 Labs, in collaboration with Webroot, has launched its second annual Phishing and Fraud report1, highlighting an anticipated threat surge from October until January.
“We’re in the middle of a cyber-crimewave where phishers and fraudsters take advantage of people at their most distracted,” said Simon McCullough, major channel account manager at F5 Networks.
“It is prime season for individuals giving up credentials or inadvertently installing malware. Businesses are wrapping up end-of-year activities, key staff are on vacation, and record numbers of online holiday shoppers are searching for the best deals, looking for last-minute credit or feeling generous when charities come calling.”
Indicative of the scale of the problem, 75,6% of all websites taken offline by the F5 SOC between January 2014 and the end of 2017 were related tophishing attacks. This is followed by malicious scripts (11.3%) and URL redirects (5.2%), which are also used in conjunction with phishingoperations. Mobile phishing (2%) was also identified as a growing issue.
Tech and finance sectors in the firing line
Although phishing targets vary based on the nature of the scam, a remarkable 71% of attackers’ efforts from 1 September to 31 October 2018 focused on impersonating just ten organisations.
Technology companies were most mimicked (70% of incidents), with 58% of phishers’ time spent posing as big hitters like Microsoft, Google, Facebook, Apple, Adobe, Dropbox, and DocuSign during the monitored period.
The finance sector was also under fire. 13 of the top 20 fastest growing targets were financial organisations. Banks accounted for 55% of these, five of which were major European entities.
Notably, some of the most successful malware programs started out as banking malware. For example, Trickbot, Zeus, Dyre, Neverquest, Gozi, GozNym, Dridex, and Gootkit are all banking trojans known to have spread initially through phishing campaigns.
Click here to read more on how F5 is helping businesses protect sensitive data.