Click here to close now.




















Welcome!

News Feed Item

APWG Report: Phishers Targeting Crypto Currency, Payment Services and Retail Sites

The APWG reports in its new Phishing Activity Trends Report that new online payment services and crypto-currency sites are being targeted by phishers. The number of phishing attacks remained high, and the second quarter of 2014 saw the second-highest number of phishing attacks ever recorded in a quarter since the APWG began tracking by quarterly periods in 2008.

The APWG detected an average of 42,793 new phishing attacks per month in the second quarter. The number of targets dropped slightly from 1Q 2014. Year-over-year, the number of targets was down 17 percent from the 639 observed in Q2 of 2013 to the 531 seen in Q2 of 2014. “This indicates a higher concentration of attacks on more vulnerable brands," said Frederick Felman, Chief Marketing Officer, MarkMonitor, and an APWG contributing member.

The full text of the report is available here: http://docs.apwg.org/reports/apwg_trends_report_q2_2014.pdf

Several types of targets were attacked more than in the past. Attacked more frequently were growing online and alternate payment services. Examples include the Austrian cashless payments site PayLife, Hong Kong-based alternate payment system Perfect Money, and Payoneer, an Internet-based financial services business that allows users to transfer money and receive payments through re-loadable prepaid MasterCard debit cards. Attacks against established providers dipped.

“We’re also seeing an uptick in phishing attacks against the users of Bitcoin sites, notably wallet service Blockchain and the exchange site Coinbase,” said Greg Aaron, President of Illumintel and APWG Senior Research Fellow. “The number of attacks against them remains small overall, but we will continue to monitor this as Bitcoin continues to gain adoption by retailers and consumers.”

Attacks against retail/service sites also grew, from 11.5 to 16.5 percent of all phishing attacks. Phishers spoofed these sites because they collect credit card numbers and other useful credentials from their users.

The second quarter also saw a recent increase in the spread of PUPs (Potentially Unwanted Programs) such as spyware and adware. APWG member company PandaLabs reports that the PUPs were spread by a proliferation of software bundlers: programs that install PUPs on computers along with the programs that the user actually wants to install. Overall, Trojans remained the most common type of malware.

Meanwhile, APWG is convening its fall conference in Birmingham on September 23-25 to address the next generation of cybercrime, specifically inspecting crime engaging fraud architectures in the investing and mortgage banking sectors, as well as advanced research into fraud provenance tracing, programmatic cybercrime event data exchange and enterprise-wide fraud management.

The conference notes page is here: http://ecrimeresearch.org/events/ecrime2014/

APWG Secretary General Peter Cassidy said, "Account-level cybercrime against consumers and enterprises can damage accounts – but control fraud and investment fraud has the clear potential to damage markets and even economies. Our contributing researchers at this conference are mapping threatscapes that menace commerce and free markets as we know them.”

About the APWG

The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide. The APWG's www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the Stop. Think. Connect. Messaging Convention, the global online safety public awareness collaborative www.stopthinkconnect.org and founder/curator of the eCrime Researchers Summit, the world’s only peer-reviewed conference dedicated specifically to electronic crime studies www.ecrimeresearch.org.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
SYS-CON Events announced today that the "Second Containers & Microservices Expo" will take place November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Scrum Alliance has announced the release of its 2015 State of Scrum Report. Almost 5,000 individuals and companies worldwide participated in this year's survey. Most organizations in the market today are still leading and managing under an Industrial Age model. Not only is the speed of change growing exponentially, Agile and Scrum frameworks are showing companies how to draw on the full talents and capabilities of those doing the work in order to continue innovating for success.
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Between the compelling mockups and specs produced by your analysts and designers, and the resulting application built by your developers, there is a gulf where projects fail, costs spiral out of control, and applications fall short of requirements. In his session at @DevOpsSummit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, presented a new approach where business and development users collaborate – each using tools appropriate to their goals and expertise – to build mocku...
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
Graylog, Inc., has added the capability to collect, centralize and analyze application container logs from within Docker. The Graylog logging driver for Docker addresses the challenges of extracting intelligence from within Docker containers, where most workloads are dynamic and log data is not persisted or stored. Using Graylog, DevOps and IT Ops teams can pinpoint the root cause of problems to deliver new applications faster and minimize downtime.
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, provided some practical insights on what, how and why when implementing "software-defined" in the datacent...
Learn how you can use the CoSN SEND II Decision Tree for Education Technology to make sure that your K–12 technology initiatives create a more engaging learning experience that empowers students, teachers, and administrators alike.
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.