Phishing against banks and ISPs rose markedly compared to other sectors in the third quarter of 2014, according to the APWG. The number of brands being attacked remains high, and malware variants continue to proliferate at a record rate of increase.
Attacks against financial institutions rose from 20.2 percent of all phishing attacks in the second quarter to 27 percent of all phishing attacks in the third quarter. Attacks against ISPs also increased, from 8.4 percent to 13.1 percent of the total. Some phishers continue to focus deeply on consumers’ email accounts. This allows the criminals to send spam from those accounts and to gain access to password change requests related to other online services that the consumers use, thereby allowing the attackers to access even more sensitive data.
A total of 549 brands were targeted by phishers in Q3, up from the 531 targeted in the second quarter of 2014. The types of industries targeted by cybercrime gangs continue to be increasingly heterogeneous. For example, some attacks have involved abuse of healthcare records, a typically high-quality data resource that opens up additional attack opportunities, just as ISP login data does.
“Healthcare records hold a treasure trove of data that is valuable to an attacker,” said Carl Leonard of Websense Security Labs. “That data can be used in a multitude of different follow-up attacks and fraud. In a break-in we observed, the method of entry was a phishing email purporting to be from the employees’ local IT team, asking the team members to log in to their corporate email system. The resulting webpage served to end users was a fraudulent login page under the control of the attackers.”
Crimeware mutations also continue to proliferate. According to Luis Corrons, PandaLabs Technical Director, the global infection rate was 37.93 percent, slightly up from past quarters. China is once again in pole position, with an infection rate of 49.83 percent. Seventy-five percent of malware infections fell into the Trojan category.