Hackers are using the phishing method when doing an attack on some of the world’s largest tech brands. Akamai, a global company of Content Delivery Network (CDN) Services Provider for media and software delivery, and cloud security solutions published a report named Akamai 2019 State of the Internet / Security Phishing: Baiting the Hook. This report discusses their security research on most targeted brands and the most commonly used attack types on them.
About 50% of servers are being attacked
The main finding of the research is that cybercriminals are using enterprise-based development and deployment strategies, such as phishing as a service (PaaS), to con some of the world’s largest tech brands, domains including Microsoft, PayPal, DHL, and Dropbox.
The report defines phishing is no longer just an email-based threat, also includes social media and mobile devices. While phishing evolves with different techniques day by day, one of the most usual type used in such an attack is the business email compromise (BEC) attack. FBI declared that BEC attacks resulted in worldwide losses of more than $12 billion between October 2013 and May 2018.
Editorial Director of the State of the Internet/Security report for Akamai, Martin McKeay, comments phishing with the words:
“Phishing is a long-term problem that we expect will have adversaries continuously going after consumers and businesses alike until personalized awareness training programs and layered defense techniques are put in place,”
High-tech industry is the most targeted industry
Moreover, research shows the first most targeted industry by phishing is high technology with 6,035 domains, and 120 kit variations and the second is financial services with 3,658 domains and 83 kit variants. At the end of the most targeted industry list, sectors like e-commerce and media appear. It must be stated that more than 60 global brands were targeted during the reporting period.
Akamai also monitors that Microsoft, PayPal, DHL, and Dropbox were the top targeted brands regarding phishing attacks. McKeay ends his words as:
As the phishing landscape continues to evolve, more techniques such as BEC attacks will develop, threatening a variety of industries across the globe. The style of phishing attacks is not one size fits all; therefore, companies will need to do due diligence to stay ahead of business-minded criminals looking to abuse their trust.