Akamai Security Research: Cybercriminals Using Enterprise-Based Strategies For Phishing Kit Development And Deployment
Malicious Actors Developing Custom Tools and Processes to Target and Leverage the World’s Largest Tech Brands and Victimize Their Users
Akamai Technologies, Inc. (NASDAQ: AKAM) today published the Akamai 2019 State of the Internet / Security Phishing: Baiting the Hook report. The research findings indicate that cybercriminals are using enterprise-based development and deployment strategies, such as phishing as a service (PaaS), to leverage some of the world’s largest tech brands, with 42.63% of domains observed targeting Microsoft, PayPal, DHL, and Dropbox.
The report details that phishing is no longer just an email-based threat, but has expanded to include social media and mobile devices, creating a wide-reaching problem that touches all industries. This evolving method continues to morph into different techniques, one of which being business email compromise (BEC) attacks. According to the FBI, BEC attacks resulted in worldwide losses of more than $12 billion between October 2013 and May 2018.
"Phishing is a long-term problem that we expect will have adversaries continuously going after consumers and businesses alike until personalized awareness training programs and layered defense techniques are put in place," said Martin McKeay, Editorial Director of the State of the Internet/Security report for Akamai.
The report shows that cybercriminals are targeting top global brands and their users across various industries through highly-organized and sophisticated phishing kit operations. During the research period, with 6,035 domains, and 120 kit variations, high technology was the top industry targeted by phishing. Following that, financial services, with 3,658 domains and 83 kit variants, was the second most-targeted industry. E-Commerce (1,979 domains, 19 kit variants) and media (650 domains, 19 kit variants) rounded out the list. In all, more than 60 global brands were targeted during the reporting period.
According to Akamai’s monitoring, Microsoft, PayPal, DHL, and Dropbox were the top targeted brands when it came to phishing, with Microsoft taking up 21.88% of total domains (3,897 domains and 62 kit variants), PayPal taking up 9.37% of total domains (14 kit variants), DHL (7 kit variants) taking up 8.79% of total domains and Dropbox having 2.59% (11 kit variants) of total domains.
Phishing defenses have forced changes to criminal operations, as they seek to remain undetected for as long as possible. According to Akamai’s research, 60% of the phishing kits observed were active for 20-days or less during the reporting period, which is becoming more common among phishing attacks. This short lifespan is likely why criminals continue to develop new evasion methods to keep their kits undetected.
Akamai’s new report also discusses a research project that followed the daily operations of a phishing-kit developer who offered three types of kits with advanced evasion techniques, design, and geo-targeting options. The low prices and top-tier brand targets in these kits are an attractive item, creating a low-barrier for entry into the phishing market for criminals looking to set up shop.
McKeay concludes, "As the phishing landscape continues to evolve, more techniques such as BEC attacks will develop, threatening a variety of industries across the globe. The style of phishing attacks is not one size fits all; therefore, companies will need to do due diligence to stay ahead of business-minded criminals looking to abuse their trust."
The Akamai 2019 State of the Internet / Security Report is available for download here. In addition, Akamai will be conducting a webinar on Thursday, October 31 at 11:00 a.m. ET where Akamai security experts discuss the findings of this latest report. To register for the webinar, visit here.
For additional information, the security community can access, engage with, and learn from Akamai’s threat researchers and the insight that the Akamai Intelligent Edge Platform affords into the evolving threat landscape, visit Akamai’s Threat Research Hub.
Acerca de Akamai
Como la plataforma de distribución en la nube más fiable y más grande del mundo, Akamai facilita a sus clientes la posibilidad de ofrecer la mejor experiencia digital y la más segura en cualquier dispositivo, momento y lugar. La plataforma distribuida por todo el mundo de Akamai ofrece un soporte inigualable basado en más de 200 000 servidores de 130 países, que proporciona a los clientes un rendimiento y una protección impecables frente a las amenazas. La cartera de soluciones de rendimiento web y móvil, seguridad en la nube, acceso empresarial y distribución de vídeo de Akamai está respaldada por un servicio de atención al cliente excepcional y una supervisión ininterrumpida. Para descubrir por qué las principales instituciones financieras, líderes de comercio electrónico, proveedores de contenidos multimedia y de entretenimiento, y organizaciones gubernamentales confían en Akamai, visite www.akamai.com y blogs.akamai.com o siga a @Akamai en Twitter.
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. With the world’s most distributed compute platform — from cloud to edge — we make it easy for customers to develop and run applications, while we keep experiences closer to users and threats farther away. Learn more about Akamai’s security, compute, and delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on Twitter and LinkedIn.