Now Launching: SOTI - Phishing For Finance

Written by

Amanda Goedde

May 19, 2021

Amanda Goedde is a Senior Technical Writer at Akamai Technologies.

It's that time again -- the launch of the second State of the Internet / Security report of 2021. While Akamai has access to some of the largest security data sets in the world, our viewpoint is limited to the traffic that traverses our networks and is seen by our tools. 

In 2020, there were 193 billion credential stuffing attacks globally, with 3.4 billion of them in the financial services space, representing 45% growth over 2019.

Web attacks against the financial services industry represented 12% of the global attacks observed in 2020. Akamai observed 736,071,428 web attacks against financial services in 2020. The number one web attack type targeting financial services was Local File Inclusion (52%), followed by SQL Injection (33%) and Cross-Site Scripting (9%).

We worked with threat intelligence company WMC Global for this report, which focuses on the financial services industry. The researchers at WMC Global are experts at understanding SMS phishing (smishing) and the toolkits that criminals devise to make their attacks possible. Our desire is to provide you with both a wide view of the threat and a deep dive into a specific threat.

Over the past three years (2018-2020), DDoS attacks against the financial services sector grew by 93%, proving that systemic disruption is always an option for criminals, who target services and applications required for daily business.

In this report, we present research related to threat actors and the phishing kits being used to target the financial services industry, or people within it. One relatively new malicious actor (Kr3pto) poses a serious threat to the financial services industry in the UK, with the development of dynamic phishing kits that effectively bypass secondary methods of authentication.

We also take a look at a corporate phishing kit known as Ex-Robotos. The phishing kits targeting corporate accounts bring particularly high risk, because they expose access that extends beyond what they're targeting. Credentials compromised by corporate phishing kits instantly expose the account in question, such as office email or document storage.

Phishing kits like Ex-Robotos and Kr3pto are just the tip of the iceberg -- hundreds of kits are developed and circulated daily. The attacks are relentless. The phishing economy as a whole has been growing exponentially year over year, as developers leverage the same web technologies and techniques that enable businesses to remain agile and ahead of the curve.

To dive deeper into this research, read the full State of the Internet / Security report.


