Phishing Site Study Reveals Why These Cyber-Scams Pervade the Web

1 of 9

Phishing Site Study Reveals Why These Cyber-Scams Pervade the Web

Phishing is a security problem for organizations worldwide, according to a report from security firm PhishLabs. The company released its "2017 Phishing Trends and Intelligence Report" Feb. 7, providing insight into the evolving phishing landscape. A major security threat, Phishing is the practice of using a variety of deceitful "social engineering" approaches to con people—particularly corporate employees—into revealing passwords, financial data or sensitive personal information. PhishLabs R.A.I.D. (Research, Analysis and Intelligence Division) analyzed about 1 million confirmed phishing sites in 2016. The report found that 91 percent of phishing attacks targeted five industry verticals: financial institutions, cloud storage, webmail, payment services and ecommerce companies. Across those industries, phishing attack volume grew an average of 33 percent in 2016.

2 of 9

Financial Institutions Are the Most Targeted

Financial institutions again were the top target of phishing attacks in 2016, although the overall share has declined in recent years.

3 of 9

More Phishing Attacks Hit Cloud Storage

PhishLabs expects cloud storage will surpass financial institutions as the top attack target in 2017.

4 of 9

2016 Phishing Volume Spiked Mid-Year

PhishLabs found that phishing volume in 2016 spiked in the middle of the year, bucking the trend of attacks surging at the end of the year during the holiday season. PhishLabs attributes the mid-year phishing spike to attacks related to Brexit (the British exit from the European Union) as well as a surge in virtual web-server compromises.

5 of 9

Virtual Server Attacks Accelerate Phishing Risks

PhishLabs reported more than 300 virtual web-server compromises in 2016, impacting 14,000 domains. A single virtual web server can act as host for many different domains, providing a potential launching point for phishing attacks.

6 of 9

Phishing Attacks Use Different Top-Level Domains

The most commonly used top-level domain for phishing attacks observed by PhishLabs in 2016 was dot com, at 51 percent.

7 of 9

The U.S is the Top Target

Phishing is a global problem that impacts countries worldwide, but the United States remains the top target, seeing 81 percent of attacks in 2016.

8 of 9

There Are Plenty of Phishing Sites in the U.S.

While phishing sites can be hosted anywhere in the world, 59 percent were located in the United States during 2016.

9 of 9

10 Ways Enterprises Can Limit Third-Party Cyber-Risk

Enterprises should learn how to reduce the risk of network breaches and cyber-attacks that posed by the poor security practices of third parties such as suppliers and service providers.
Top White Papers and Webcasts