PhishLabs 2016 Phishing Trends & Intelligence Report: Hacking the Human, Exposes Thriving Phishing Underworld

Report based on more than one million confirmed malicious phishing sites residing on more than 130,000 unique domains, and active tracking of more than 90 threat actor groups and operations using spear phishing

PhishLabs releases its inaugural 2016 Phishing Trends & Intelligence Report showing a thriving phishing underground (Graphic: Business Wire)

CHARLESTON, S.C.--()--PhishLabs, the leading provider of 24/7 phishing defense and intelligence solutions, today released its 2016 Phishing Trends & Intelligence Report: Hacking the Human, that exposes the murky evolution of a thriving, sophisticated phishing underworld. The report is based on more than one million confirmed malicious phishing sites residing on more than 130,000 unique domains, and the movement of more than 90 threat actor groups and organizations actively deploying spear phishing.

Senior PhishLabs executives will spotlight the report’s key findings next week at RSA Conference 2016 (Booth 3845), Feb. 29 – March 3, in San Francisco.

The report is authored the PhishLabs R.A.I.D. (Research, Analysis, and Intelligence Division), comprised of some of the world’s brightest minds in phishing threat intelligence. Each month, PhishLabs actively investigates and mitigates more than 6,000 phishing attacks; working to identify the underlying infrastructure used and shut down the originating attack source.

Key findings:

  • Spear phishing remains the primary initial attack vector used by APT actors. However, 22 percent of spear phishing attacks analyzed in 2015 were motivated by financial fraud or related crimes.
  • The number of organizations targeted with Business Email Compromise (BEC) spear phishing attacks grew tremendously in 2015 as threat actors refined BEC techniques and sought new victims.
  • 90 percent of consumer-focused phishing attacks targeted financial institutions, cloud storage/file hosting sites, webmail and online services, ecommerce sites, and payment services.
  • While financial institutions and payment services continue to be the most highly targeted organizations, their share of overall phishing volume declined in 2015.
  • There was a distinct increase in the percentage of phishing attacks targeting cloud storage and file hosting sites, webmail and online services, and ecommerce sites.
  • Gmail is used for more than half of all data drop email accounts, making it the top webmail service used by attackers to receive credentials stolen via phishing.
  • During the holiday season, online services and ecommerce companies were heavily targeted while attacks targeting other sectors declined.
  • Social media is a primary promotion and distribution channel for consumer-focused phishing kits and related goods or services.
  • Techniques to evade automated detection of phishing attacks and to prevent analysis of attack components are becoming more commonplace, even among less sophisticated threat actors.

“Our research clearly shows that phishing attacks are the weapon of choice for adversaries across the spectrum,” said John LaCour, Founder and CEO of PhishLabs. “Most successful hacks today start with a phishing attack. It is critical for organizations to understand the true risk of phishing and how they can fight back to protect their business.”

About PhishLabs

Founded in 2008 and headquartered in Charleston, South Carolina, USA, PhishLabs provides 24/7 cybersecurity and threat intelligence services that help organizations fight back against attacks targeting their employees and customers. PhishLabs is trusted by four of the top five U.S. financial institutions, seven of the top 25 global financial institutions, leading social media and career sites, and top healthcare, retail, insurance and technology companies. In addition to mitigating more than 6,000 phishing attacks per month, PhishLabs clients benefit from real-world actionable intelligence, analysis, and guidance from the PhishLabs R.A.I.D. research division, which is comprised of some of the world’s most respected malware researchers, reverse engineers, and threat analysts focused on monitoring global attack trends, dissecting cyber tradecraft, and tracking cybercrime. For more information visit https://www.phishlabs.com and follow @phishlabs.

PhishLabs and T2 are registered trademarks or trademarks of E-Crime Management Strategies, Inc., in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Contacts

e-Rainmaker PR for PhishLabs
Jim Engineer, 630-728-1387
jim.engineer@e-rainmaker.com

Contacts

e-Rainmaker PR for PhishLabs
Jim Engineer, 630-728-1387
jim.engineer@e-rainmaker.com