Cyber Gangs Focus Increasingly on Software-as-a-Service and Webmail Sectors’ Brands
According to the APWG’s new Phishing Activity Trends Report, phishing attacks spiked in March and April 2018. The total number of phish detected in 2Q 2018 was down slightly from 1Q 2018, but remained far higher during the quarter than the rates seen during the same period in 2017.
The phishing attacks in the second quarter of 2018 increasingly targeted software-as-a-service (SAAS) and webmail providers. Attacks against such providers amounted to 21 percent of all phishing attacks. Phishers target users of these services to coopt their services to send spam, steal the account data of additional users, and access business secrets. Phishers also continued to attack payment processors and banks and their customers which suffered 52 percent of all phishing attacks.
In other news, APWG member Axur described how cybercriminals in Brazil steal credentials and use them to buy real-world products such as electronics, which they then re-sell. Axur also observed that the number of phishing attacks against Brazilian e-commerce sites fell 53 percent from April to June. “We believe that this spike in April has a direct connection to the FIFA World Cup event. In April, many criminals were doing phishing by offering TVs priced much lower than those in official stores,” said Eduardo Schultze, CSIRT Coordinator at Axur.
The full text of the report is available here:
About the APWG
Founded in 2003, the Anti-Phishing Working Group, (APWG) is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,200 companies, government agencies and NGOs participating in the APWG worldwide. The APWG’s