Phishing is one of the most versatile attack tools using the "social engineering" method, as it can be disguised in many ways and used for different purposes.
ΓTo create a phishing page, all you have to do is make a copy of a trusted website, attract unsuspecting users to the site, and trick them into entering personal information.
The rapid increase in phishing attacks in 2018 is part of a large current trend (in 2017 and 2016 there were consistent increases of 15% compared to previous years). However, 2018 is marked by a new record.
The financial sector has been hit hard: Over 44% of all Kaspersky Lab-detected cyber-attacks have targeted banks, payment systems and online stores. This means that in 2018 the number of financial phishing attacks was the same as the total number of phishing attacks detected in 2017.
"The increase in the number of phishing attacks can be influenced by the increasing efficiency of social engineering methods used to entice users to visit unsafe pages. 2018 was marked by the active exploitation of new schemes and tricks, such as misleading updates, combined with the refinement of traditional methods, such as scams during Black Friday and other national holidays. In conclusion, would-be hackers become better when they take advantage of important events around the world, such as the World Cup of national football teams, ”said Tatyana Scherbakova, security researcher at Kaspersky Lab.
Other findings from the 2018 Spam and Phishing Report include:
• The percentage of spam in the traffic of emails reached 52,48%.
• The biggest source of spam this year was China (11,69%).
• 74,15% of junk emails were less than 2 KB in size.
• Malicious spam was most often detected under the name Win32.CVE-2017-11882.
• The Anti-Phishing system was activated 482.465.211 times.
• 18,32% of single users experienced phishing attacks.
Kaspersky Lab experts advise users to take the following steps to protect themselves from phishing attacks:
• Always check email addresses for unknown or unexpected messages, whether they are the web address of the website they are addressing, the link address of a message, or the sender's email address, to make sure they are authentic and that the link in the message does not cover another hyperlink.
• If you're not sure the site is genuine and secure, never post your login details. If you think you may have entered your login and password on a fake page, change your password immediately and call your bank if you think your card details have been compromised.
• Always use a secure connection, especially when visiting sensitive sites. Do not use an unknown or public Wi-Fi that is not password protected. If you use an insecure link, digital criminals may redirect you to phishing pages without your knowledge. For maximum protection, use VPN solutions that encrypt your traffic, such as Kaspersky Secure Connection.
Use an appropriate security solution with behavior-based phishing technologies, such as Kaspersky Security Cloud and Kaspersky Total Security, that will alert you if you try to visit a phishing site.
ΜDo not forget to join (register) in our forum, which can be done very easily by the following button…
(If you already have an account in our forum you do not need to follow the registration link)
Follow us on Telegram!
