Phishers are always coming up with innovations and designing new ways (Phishing) to entice people into getting access to their financial data, personal information, as well as user accounts.
Knowing the most recent phishing techniques and the trends followed by phishing actors helps position clients to stay a step ahead of such threats targeting their businesses.
The first 2018 quarterly repetition of the Phishing Roundup reports the trends in phishing venture as seen by RiskIQ over the first quarter of 2018, using the data applied in the Fourth Quarter Report of RiskIQ 2017 to draw parallels and recapping trends which have been observed coming into the current year.
Increased diversity in targets
For the 2nd quarter in a line, Quarter One saw a little drop of about two percent in the overall phishing discoveries from the fourth quarter of 2017, including 26,671 unique domains recognized.
The findings that were observed, nevertheless, were way more profound than in the past concerning targeted organizations.
During the first quarter, RiskIQ observed a sum of 299 unique brands targeted via spoof web pages, increased from the 259 brands which were noted in the fourth quarter of 2017.
The analysis of the top ten targeted brands is as follows:
- Forty percent financial organizations.
- Twenty percent of digital transaction providers.
- Ten percent of large tech companies.
- Ten percent of primary health insurance providers.
- Ten percent cloud storage providers.
- Ten percent of social media platforms.
As standard, the very financial companies make up a notable share of the top ten targeted brands for the first quarter of 2018 and much of the social media platforms targeting trend which was observed in the fourth quarter of 2017 is now mostly finished, which may suggest a resurfacing of tried and trusted strategies by phishers.
Nevertheless, the top ten percentage division for quarter one, which involves the addition of cloud storage providers which were not present in the previous quarter, may show an overall more assorted discovery of targeted brands.
This diversity of phishing targets assists the detection models of RiskIQ to advance their capability to recognize phishing attacks.
Discoveries by registrar
Hostinger proved to be a nine days’ wonder in the fourth quarter of 2017, topping the list of registrars utilized by spoof URLs and then not even coming in the top five positions.
GoDaddy, which is not a stranger to the top of the list, restored its spot ahead of the set; this is hardly surprising since phishing attempts, along with the infrastructure utilized there, are usually greatly cyclical.
Detections by Hosting Provider
The index containing the top hosting provides employed by phishers in quarter one was even more concerning, since all the five positions changed hands and three out of the five were new additions to the list. Given that phishers are perpetually changing their infrastructure, so they must have used other tools in the first quarter instead of using the same tools from the final quarter of 2017.