More than 200,000 new malware samples were found every day in the first half of 2016 according to the APWG’s (Anti-Phishing Working Group) crime ware statistics. While down slightly compared to 2015, it doesn’t necessarily signal the end of the ransomware/malware/phishing epidemic that has impacted businesses and the public for many years.
In fact, the opposite may be true, at least in highly targeted industries. Analysis of cyberattacks by BrandProtect, reveals that Q3 phishing attacks against banks, insurers, and other financial services enterprises rose 30 percent during Q3 2016 year/year. More significantly, the BrandProtect analysis reveals that while the majority of phishing attacks remains simple in design and execution, the percentage of sophisticated phishing exploits – attacks that automate subjugation of website infrastructure and deploy multiple phishing URLs – has increased dramatically. These sophisticated attacks generate the majority of phishing URLs that must be taken down.
“There is no doubt that sophisticated phishing attacks are becoming the norm,” said Dylan Sachs, Director of Anti-Phishing Services and Incident Response at BrandProtect. “Instead of launching attacks from a single URL, a sophisticated phishing attack will generate and launch attacks from ten, twenty, one hundred, or even more URLs. To put this in perspective, during the third quarter of 2016, just ten percent of the phishing attacks that we detected targeting our clients generated approximately slightly more than fifty percent of the URLs that needed to be taken down.”