“Who would ever fall for that?” That’s what many people think when they see a phishing attempt, since less advanced types of phishing often involve laughable requests with terrible grammar and spelling to lure victims. Most of these are sent to a large number of recipients in hopes that a few will respond, as even the smallest margin of return is a success. However, the majority of today’s phishing attacks are becoming increasingly sophisticated, carefully crafted to obtain sensitive information from specific organizations, or even a particular person.
Webroot’s latest analysis of phishing activity provides clear evidence of its evolution. Almost 100 percent of phishing URLs use domains typically associated with benign activity, making it much harder for people to recognize the URLs as malicious. Another alarming change is that 84 percent of phishing sites exist for less than 24 hours. Traditional security technologies simply can’t keep up with that.
Current phishing campaigns can affect just about anyone within any organization. And the losses from successful phishing attacks can be devastating. For example, the FBI recently reported that companies have lost billions of dollars in just the past few years from employees being tricked, often by phishing attacks, into making fraudulent wire transfer payments.
This report reveals information on the latest phishing trends to help you keep your organization up to date with its anti- phishing efforts. The figures presented are based on the latest data collected, tracked, and analyzed by the Webroot® Threat Intelligence Platform, the BrightCloud® Real-Time Anti-Phishing Service, and other Webroot capabilities.