The total number of phishing sites detected by the Anti-Phishing Working Group (APWG) worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019.
Most menacing, however, were targeting trends exhibited by cybercrime gangs focusing on: users of web-hosted email and social media to multiply the numbers of potential victims; and Business Email Compromise (BEC) schemes of increasing sophistication to exploit key executives’ broader access to corporate resources – and greater payments authority.
Other interesting findings
By most other measures, 2019 was one of the most dangerous years on record for online users. During the course of 2019, the number of phishing incidents in Brazil increased 232 percent. APWG member company Axur recorded these attacks against Brazilian brands and services that are available in Portuguese in Brazil, noting an increase around the Black Friday shopping weekend.
Similarly, APWG member company Agari recorded criminals perpetrating Business Email Compromise (BEC) attacks and using gift cards to cash out during the holiday shopping season.
“The amount of money that an attacker can make by getting gift cards is significantly less than with a wire transfer. During Q4, the average amount of gift cards requested by a BEC actor was more than $1,600. But for wire transfer BEC attacks, the average amount requested in Q4 was over $55,000,” the report points out.
“One of the really notable things we saw during the Q4 was a change in the types of gift cards requested. Google Play was still the most-requested gift card, but decreased from 27 percent to 15 percent of requests,” said Crane Hassold, Agari’s Senior Director of Threat Research.
“We saw increases in requests for gift cards for eBay, Target, Best Buy, and Sephora. The increase could be due to the fact that all of these companies sell physical goods, and the attacks took place during the holiday season. It may indicate that scammers are looking to launder money by using the cards to buy physical goods that they can then sell, rather than putting the money into online cryptocurrency exchanges, which is also a popular laundering option.”
APWG contributor OpSec Security saw attacks against more than 325 different brands (companies) per month in Q4. Stefanie Wood Ellis, Anti-Fraud Product & Marketing Manager at OpSec Security, noted that the most frequent targets of phishing attacks continued to be Webmail, payment, and bank sites, but that “phishing against Social Media targets grew every quarter of the year, doubling over the course of 2019.”
SSL use for more effective phishing
The researchers at APWG member PhishLabs documented the rising use of SSL certificates on phishing websites. Almost three-quarters of all phishing sites now use SSL protection. This was the highest percentage since tracking began in early 2015, and is a clear indicator that users can’t rely on SSL alone to understand whether a site is safe or not.
APWG member RiskIQ analyzed 2,149 confirmed phishing URLs reported to APWG in Q4 2019, and found that the most popular top-level domains used by the phishers are the generic .com, .org, .net and .info TLDs.