The phishing landscape has undergone a major shift that’s affecting what is being attacked, targeting email addresses rather than user names, according to a new report. This news was reported in the “2017 Phishing Trends and Intelligence Report” by Joseph Opacki and Crane Hassold, both formerly with the FBI and now with PhishLabs. Exploiting human vulnerabilities continues to be the most attractive and successful path for targeting organizations’ and individuals’ assets, the report said. “Phishing was and continues to be, by a wide margin, the most prolific method used to distribute ransomware. Fighting back against ransomware requires fighting back against phishing,” the authors said. Last year, they analyzed 1 million confirmed malicious phishing sites that resided in 170,000 unique domains. They also investigated and mitigated 7,800 phishing attacks every month by identifying the underlying infrastructure used and then shutting them down. They also analyzed thousands of unique malware samples from 100 ransomware variants in 20 banking Trojan families. Key findings of the report follow.
Phishing attacks are growing in the US, but the statistic that was surprising to us, is that Canada was one of the hardest hit with a 237% increase in 2016.