Corny title aside, ‘tis officially the season for online shopping, and that means a drastic increase in phishing scams. These threats have become increasingly sophisticated and are carefully crafted to obtain sensitive information from specific organizations and people. According to the latest Webroot Quarterly Threat Update, 84 percent of phishing sites exist for less than 24 hours, with an average life cycle of under 15 hours.
“In years past, these sites could endure for several weeks or months, giving organizations plenty of time to block the method of attack and prevent more victims from falling prey,” said Hal Lonas, chief technology officer at Webroot. “Now, phishing sites can appear and disappear in the span of a coffee break, leaving every organization, no matter its size, at an immediate and serious risk from phishing attacks.”
3 things you NEED to know about phishing
During 2016, Webroot observed an average of over 400,000 phishing sites each month. To keep up with the incredibly short life cycles and sheer volume of phishing sites and URLs, you have to abandon old techniques that use static or crowdsourced blacklists of bad domains and URLs. There are over 13,000 new malicious sites per day, approximately 11,000 of which last 24 hours or less, rendering static lists obsolete within moments of being published.
Nearly all of today’s phishing URLs are hidden within benign domains. Since phishing attacks no longer use dedicated domains, URLs must be checked each time they are requested. At the speed of today’s attacks, a page that was totally benign just seconds ago may have since been compromised.
Google, PayPal, Yahoo, and Apple are heavily targeted for attacks. Cybercriminals know to impersonate sites that people trust and use regularly. Webroot took a closer look at the companies for which impersonation would likely cause the largest negative impact. Of these “high-risk” organizations, Google was impersonated in 21 percent of all phishing sites between January and September 2016, making it the most heavily targeted.
Emails to avoid
With the holiday season in full swing and the New Year fast approaching, hackers are up to their old tricks. According to Mike Trammell, senior director, office of the CISO, Webroot, we should all be wary of emails containing UPS, USPS, and FedEx shipping alerts; 401k/benefit enrollment notices; and miscellaneous tax documents from now through the end of January.
So far, we have seen the following email subjects related to phishing:
- FTC subpoena
- RE: insurance
- Shipping status changed for your parcel # XXXXXXXXX
Be on the lookout for these types of messages in your inbox, since they’re likely to be phishing attempts that could lead to credential harvesting, ransomware infections, and more.
Our holiday wish for you
With holiday gifting on the horizon, the scammers are out in force, so remember to be extra vigilant. Remind your families, friends, colleagues, and clients to use secure and reputable websites and to only click links from sources they trust. Particularly at this time of year, if a stranger contacts you or anyone you know, whether by phone or by email, remember that they might not be who they claim to be. Before giving them any information or money, try contacting them through their publicly available contact information.
From everyone at Webroot, we hope you have a secure and joyous season, and a happy new year!