SYS-CON MEDIA Authors: Carmen Gonzalez, Sean Houghton, Glenn Rossman, Ignacio M. Llorente, Xenia von Wedel

News Feed Item

About One Third of Phishing Attacks Aimed at Stealing Money

ABINGDON, England, April 7, 2014 /PRNewswire/ --

According to data collected as part of Kaspersky Lab's 'Financial cyber threats in 2013' study, cybercriminals are trying harder than ever to acquire confidential user information and steal money from bank accounts by creating fake sites mimicking financial organisations. In 2013, 31.45 per cent of phishing attacks were trading on the names of leading banks, online stores and online payment systems - an increase of 8.5 percentage points from the previous year.

Phishing is a fraudulent scheme used by cybercriminals to obtain confidential user data with the help of fake web pages imitating Internet resources. Unlike malicious software created for particular operating systems, phishing attacks threaten all devices which can access web pages. That is why they are so popular with scammers - in 2013 alone Kaspersky Lab products protected about 39.6 million users from this cyber threat.

Phishing sites aimed at harvesting users' financial details mainly use the brand names of popular online stores, online payment systems and online banking systems. In 2013, the most attractive targets were banks, which were used in 70.6 per cent of all financial phishing. That's a sharp increase from 2012 when bank phishing represented just 52 per cent. Overall, fake bank websites were involved in twice as many (22.2 per cent) phishing attacks in 2013.

Financial phishing targets in 2013 

In 2013, Kaspersky Lab heuristic anti-phishing technologies blocked a total of 330 million attacks, an increase of 22.2 per cent from the previous year.

Fraudsters use the brand names of major companies with large client databases in search of a big criminal profit.  For example, about 60 per cent of all phishing attacks using fake bank pages exploited the names of just 25 organisations. Among online payment systems the phishers' favourites are even more clearly-defined - 88.3 per cent of phishing attacks in this category involved one of four international brands: PayPal, American Express, MasterCard and Visa.

For several years in a row Amazon.com has been the most popular cover for phishing attacks exploiting the names of online stores. Over the reported period its name was used in 61 per cent of online trade-related phishing attacks. The Top 3 also included Apple and eBay, but both of them lagged well behind Amazon.  

"Phishing attacks are so popular because they are simple to deploy and extremely effective. It is often not easy for even advanced Internet users to distinguish a well-designed fraudulent site from a legitimate page, which makes it even more important to install a specialised protection solution. In addition, phishing causes reputational and financial damage to organisations that see their brands exploited in phishing attacks," commented Sergey Lozhkin, Senior Security Researcher at Kaspersky Lab.

The standard anti-phishing mechanisms in Kaspersky Lab security solutions for home users and small businesses are supplemented with Safe Money technology that reliably protects user data during online banking or payment sessions. The effectiveness of this technology is confirmed by special trials carried out by independent test labs such as AV-TEST, MRG Effitas and Matousec.

Companies which need to safeguard their clients from cybercriminals and to protect their own reputations may benefit from Kaspersky Lab's comprehensive Kaspersky Fraud Prevention platform. It was developed to deliver rigorous, multi-layered security for online banking and includes programs for customer endpoints, a server solution to check customer transactions as well as a set of components to develop protected mobile applications.

Phishers don't just imitate the websites of financial institutions - they also frequently attack via social networking sites. In 2013, the number of attacks using fake pages of Facebook and other social networking sites grew by 6.8 percentage points and accounted for 35.4 per cent of the total.

The 'Financial cyber threats in 2013' report used data obtained voluntarily from Kaspersky Security Network participants. Kaspersky Security Network is a globally distributed cloud-based infrastructure designed to quickly process depersonalised data about threats which users of Kaspersky Lab's products encounter. Statistics about phishing attacks were obtained based on Kaspersky Lab web anti-phishing detections.

About Kaspersky Lab 

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://www.kaspersky.co.uk.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report "Worldwide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012. 

Contact: Lauren White, +44(0)118-909-0909, [email protected]

SOURCE Kaspersky Lab

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
What do a firewall and a fortress have in common? They are no longer strong enough to protect the valuables housed inside. Like the walls of an old fortress, the cracks in the firewall are allowing the bad guys to slip in - unannounced and unnoticed. By the time these thieves get in, the damage is already done and the network is already compromised. Intellectual property is easily slipped out the back door leaving no trace of forced entry. If we want to reign in on these cybercriminals, it's hig...
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will w...
"ElasticBox is an enterprise company that makes it very easy for developers and IT ops to collaborate to develop, build and deploy applications on any cloud - private, public or hybrid," stated Monish Sharma, VP of Customer Success at ElasticBox, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...