News Feed Item

About One Third of Phishing Attacks Aimed at Stealing Money

ABINGDON, England, April 7, 2014 /PRNewswire/ --

According to data collected as part of Kaspersky Lab's 'Financial cyber threats in 2013' study, cybercriminals are trying harder than ever to acquire confidential user information and steal money from bank accounts by creating fake sites mimicking financial organisations. In 2013, 31.45 per cent of phishing attacks were trading on the names of leading banks, online stores and online payment systems - an increase of 8.5 percentage points from the previous year.

Phishing is a fraudulent scheme used by cybercriminals to obtain confidential user data with the help of fake web pages imitating Internet resources. Unlike malicious software created for particular operating systems, phishing attacks threaten all devices which can access web pages. That is why they are so popular with scammers - in 2013 alone Kaspersky Lab products protected about 39.6 million users from this cyber threat.

Phishing sites aimed at harvesting users' financial details mainly use the brand names of popular online stores, online payment systems and online banking systems. In 2013, the most attractive targets were banks, which were used in 70.6 per cent of all financial phishing. That's a sharp increase from 2012 when bank phishing represented just 52 per cent. Overall, fake bank websites were involved in twice as many (22.2 per cent) phishing attacks in 2013.

Financial phishing targets in 2013 

In 2013, Kaspersky Lab heuristic anti-phishing technologies blocked a total of 330 million attacks, an increase of 22.2 per cent from the previous year.

Fraudsters use the brand names of major companies with large client databases in search of a big criminal profit.  For example, about 60 per cent of all phishing attacks using fake bank pages exploited the names of just 25 organisations. Among online payment systems the phishers' favourites are even more clearly-defined - 88.3 per cent of phishing attacks in this category involved one of four international brands: PayPal, American Express, MasterCard and Visa.

For several years in a row Amazon.com has been the most popular cover for phishing attacks exploiting the names of online stores. Over the reported period its name was used in 61 per cent of online trade-related phishing attacks. The Top 3 also included Apple and eBay, but both of them lagged well behind Amazon.  

"Phishing attacks are so popular because they are simple to deploy and extremely effective. It is often not easy for even advanced Internet users to distinguish a well-designed fraudulent site from a legitimate page, which makes it even more important to install a specialised protection solution. In addition, phishing causes reputational and financial damage to organisations that see their brands exploited in phishing attacks," commented Sergey Lozhkin, Senior Security Researcher at Kaspersky Lab.

The standard anti-phishing mechanisms in Kaspersky Lab security solutions for home users and small businesses are supplemented with Safe Money technology that reliably protects user data during online banking or payment sessions. The effectiveness of this technology is confirmed by special trials carried out by independent test labs such as AV-TEST, MRG Effitas and Matousec.

Companies which need to safeguard their clients from cybercriminals and to protect their own reputations may benefit from Kaspersky Lab's comprehensive Kaspersky Fraud Prevention platform. It was developed to deliver rigorous, multi-layered security for online banking and includes programs for customer endpoints, a server solution to check customer transactions as well as a set of components to develop protected mobile applications.

Phishers don't just imitate the websites of financial institutions - they also frequently attack via social networking sites. In 2013, the number of attacks using fake pages of Facebook and other social networking sites grew by 6.8 percentage points and accounted for 35.4 per cent of the total.

The 'Financial cyber threats in 2013' report used data obtained voluntarily from Kaspersky Security Network participants. Kaspersky Security Network is a globally distributed cloud-based infrastructure designed to quickly process depersonalised data about threats which users of Kaspersky Lab's products encounter. Statistics about phishing attacks were obtained based on Kaspersky Lab web anti-phishing detections.

About Kaspersky Lab 

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://www.kaspersky.co.uk.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report "Worldwide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012. 

Contact: Lauren White, +44(0)118-909-0909, [email protected]

SOURCE Kaspersky Lab

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Penta Security is a leading vendor for data security solutions, including its encryption solution, D’Amo. By using FPE technology, D’Amo allows for the implementation of encryption technology to sensitive data fields without modification to schema in the database environment. With businesses having their data become increasingly more complicated in their mission-critical applications (such as ERP, CRM, HRM), continued ...
SYS-CON Events announced today that Enzu will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their online busine...
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
Established in 1998, Calsoft is a leading software product engineering Services Company specializing in Storage, Networking, Virtualization and Cloud business verticals. Calsoft provides End-to-End Product Development, Quality Assurance Sustenance, Solution Engineering and Professional Services expertise to assist customers in achieving their product development and business goals. The company's deep domain knowledge of Storage, Virtualization, Networking and Cloud verticals helps in delivering ...
SYS-CON Events announced today that Cloudbric, a leading website security provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Cloudbric is an elite full service website protection solution specifically designed for IT novices, entrepreneurs, and small and medium businesses. First launched in 2015, Cloudbric is based on the enterprise level Web Application Firewall by Penta Security Sys...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
In the next five to ten years, millions, if not billions of things will become smarter. This smartness goes beyond connected things in our homes like the fridge, thermostat and fancy lighting, and into heavily regulated industries including aerospace, pharmaceutical/medical devices and energy. “Smartness” will embed itself within individual products that are part of our daily lives. We will engage with smart products - learning from them, informing them, and communicating with them. Smart produc...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is...
SYS-CON Events announced today that Coalfire will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, health...
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, will contrast how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He will show the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He will also have live demos of building immutable pipe...
SYS-CON Events announced today that Transparent Cloud Computing (T-Cloud) Consortium will exhibit at the 19th International Cloud Expo®, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The Transparent Cloud Computing Consortium (T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data proces...
The Internet of Things (IoT), in all its myriad manifestations, has great potential. Much of that potential comes from the evolving data management and analytic (DMA) technologies and processes that allow us to gain insight from all of the IoT data that can be generated and gathered. This potential may never be met as those data sets are tied to specific industry verticals and single markets, with no clear way to use IoT data and sensor analytics to fulfill the hype being given the IoT today.
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.