跳到主体内容

Over a quarter of phishing attacks in 2014 targeted users’ financial data

2015年2月12日

The Kaspersky Lab study ‘Financial Cyberthreats in 2014’ reports that 28.8% of phishing attacks in 2014 were intended to steal financial data from users

The Kaspersky Lab study ‘Financial Cyberthreats in 2014’ reports that 28.8% of phishing attacks in 2014 were intended to steal financial data from users. While carrying out their scams, cybercriminals have shifted their focus from bank brands to payment systems and online shopping sites.

  • Cybercriminals used the names of well-known banks in 16.3% of attacks; in 2013, the level of bank phishing was 22.2%;
  • In the Payment Systems category, cybercriminals mostly targeted data belonging to users of Visa cards (31.02% of detections in the Payment Systems category), PayPal (30.03% of detections) and American Express (24.6%);
  • The names of well-known online shopping sites were used in 7.3% of attacks (6.5% in 2013);
  • In 5.1% of cases, Kaspersky Lab’s protection technologies were triggered by phishing pages mentioning payment systems, which is 2.4 percentage points more than in 2013.
  • The proportion of financial phishing detected on Mac systems increased by 9.6 percentage points compared to the previous year, representing 48.5% of all instances in which the anti-phishing component of Kaspersky Lab security products for Mac OS X was triggered.

Distribution of instances where anti-phishing technologies were triggered in Kaspersky Lab products in 2014

 

Phishing is a type of Internet fraud that is used by cybercriminals to lure users into providing their data (account logins and passwords and other personal information) by creating fake web pages to imitate popular online resources.

Last year, the proportion of financial phishing to all phishing attacks fell by 2.7 percentage points compared to 2013, primarily due to a decrease in the level of banking phishing. At the same time, there was proportionally more phishing targeting other financial categories.

In the Payment Systems category, cybercriminals mostly targeted data belonging to users of Visa cards (31.02% of detections in the Payment Systems category), PayPal (30.03% of detections) and American Express (24.6%). A the same time, in 2014 detections for phishing pages mentioning PayPal saw their share fall by 14.09 percentage points compared to 2013.


Distribution of instances where anti-phishing technologies were triggered in Kaspersky Lab products in 2014 - Payment Systems

 

Amazon remains the most commonly-attacked brand in the Online Shopping category – 31.7% of attacks in this category used phishing pages mentioning Amazon. However, this is 29.41 percentage points less than in the previous year.

“The rise in financial phishing that we saw in the past has naturally drawn a response from the brands most frequently abused in phishing scams – they are beginning to tackle phishing distribution channels, especially email spam, more actively. That leads to a reduction in the levels of phishing that targets some of the larger brands. However, cybercriminals immediately responded by targeting new ‘markets’. For example, in 2014 we saw a large number of phishing scams based on websites that sell plane tickets. These are targets that used to be seen fairly infrequently in phishing scams,” said Nadezhda Demidova, web content analyst at Kaspersky Lab.

Kaspersky Lab experts have also recorded an increase in the proportion of financial phishing attacks against Mac OS X users. Overall, about 48.5% of all phishing attacks detected on computers with Kaspersky Lab security products for Mac installed on them were designed to steal financial data. In particular banks were mentioned in 29% of attacks, payment systems in 11.21% and online shopping sites in 8.32% of attacks.

You can find information on other changes in the 2014 financial cyberthreats landscape in the full text of the report on Securelist.com

Modern phishing websites are getting more and more sophisticated, making them very hard for users to recognize. That is why we recommend using an Internet security solution with an advanced anti-phishing technology in place. The anti-phishing module is included in key Kaspersky Lab products for home and corporate users, as well as Kaspersky Fraud Prevention – a platform created specifically to protect banks from online financial fraud. Its three components – anti-phishing databases, Kaspersky Security Network and heuristic analyzer – provide robust protection against phishing. The module’s effectiveness has been confirmed by independent test labs.

Over a quarter of phishing attacks in 2014 targeted users’ financial data

The Kaspersky Lab study ‘Financial Cyberthreats in 2014’ reports that 28.8% of phishing attacks in 2014 were intended to steal financial data from users
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻