Kaspersky Lab

TheSamaritan

Kaspersky Lab Study: EveryThird Phishing Attack Aimed at Stealing Money

Accordingto the data collected for Kaspersky Lab’s study ‘Financial cyber threats in2013’, cybercriminals are trying harder than ever to acquire confidential userinformation and steal money from bank accounts by creating fake sites mimickingfinancial organizations. In 2013, 31.45% of phishing attacks were trading onthe names of leading banks, online stores and e-payment systems, up 8.5percentage points from the previous year.

Phishingis a fraudulent scheme used by cybercriminals to obtain confidential user datawith the help of fake web pages imitating Internet resources. Unlike malicioussoftware created for particular operating systems, phishing attacks threatenall devices, which can access web pages. That is why they are so popular withscammers – in 2013 alone Kaspersky Lab products protected about 39.6 millionusers from this cyber threat.

Phishingsites aimed at harvesting users’ financial details mainly use the brand namesof popular online stores, e-payment systems and online banking systems. In2013, the most attractive targets were banks, which were used in 70.6% of allfinancial phishing. That’s a sharp increase from 2012 when bank phishing representedjust 52%. Overall, fake bank websites were involved in twice as many (22.2%)phishing attacks in 2013.

Financialphishing targets in 2013

In 2013,Kaspersky Lab heuristic anti-phishing technologies blocked a total of 330million attacks, an increase of 22.2% from the previous year

Fraudstersuse the brand names of major companies with large client databases in search ofa big criminal profit.  For example,about 60% of all phishing attacks using fake bank pages exploited the names ofjust 25 organizations. Among e-payment systems the phishers’ “favorites” areeven more clearly defined: 88.3% of phishing attacks in this category involvedone of four international brands: PayPal, American Express, Master Card andVisa.

Forseveral years in a row Amazon.com has been the most popular cover for phishingattacks exploiting the names of online stores. Over the reported period itsname was used in 61% of online trade-related phishing attacks. The Top 3 alsoincluded Apple and eBay, but both of them lagged well behind Amazon.  

“Phishingattacks are so popular because they are simple to deploy and extremelyeffective. It is often not easy for even advanced Internet users to distinguisha well-designed fraudulent site from a legitimate page, which makes it evenmore important to install a specialized protection solution. In addition,phishing causes reputational and financial damage to organizations that seetheir brands exploited in phishing attacks,” commented Sergey Lozhkin, SeniorSecurity Researcher at Kaspersky Lab.

The standard anti-phishing mechanisms in Kaspersky Lab securitysolutions for home users and small businesses are supplemented with Safe Money technology that reliably protects user data during online banking or paymentsessions. The effectiveness of this technology is confirmed by special trialscarried out by independent test labs such as AV-TEST, MRG Effitas and Matousec.

Companies which need to safeguard their clients from cybercriminals andto protect their own reputations may benefit from Kaspersky Lab’s comprehensiveKaspersky Fraud Prevention platform. It was developed todeliver rigorous, multi-layered security for online banking and includesprograms for customer endpoints, a server solution to check customertransactions as well as a set of components to develop protected mobileapplications.

Phishersdon’t just imitate the websites of financial institutions – they alsofrequently attack via social networking sites. In 2013, the number of attacksusing fake pages of Facebook and other social networking sites grew by 6.8percentage points and accounted for 35.4% of the total.

The ‘Financial cyber threats in 2013’ reportused data obtained voluntarily from Kaspersky Security Network participants.Kaspersky Security Network is a globally distributed cloud-based infrastructuredesigned to quickly process depersonalized data about threats which users ofKaspersky Lab’s products encounter. Statistics about phishing attacks were obtainedbased on Kaspersky Lab web anti-phishing detections.