Half of all phishing attacks in 2016 aimed at stealing money: Kaspersky analysis

Almost half of all phishing attacks registered in 2016 by Kaspersky Lab were aimed at stealing victims’ money, the cybersecurity company reported on Wednesday.

According to the Financial Cyberthreats in 2016 report, 47.48% of all phishing attacks – fraudulent email messages or “copycat” websites that appear legitimate – registered in 2016 by Kaspersky’s heuristic detection technologies were aimed at stealing victims’ money. Compared to 2015, the amount of financial phishing attacks increased by 13.14% in 2016. “This is the highest share of financial phishing registered to date by Kaspersky Lab,” the company added.

In 2016, Kaspersky Lab’s anti-phishing technologies detected almost 155 million user attempts to visit different kinds of phishing pages, Woburn, Mass.-based Kaspersky said in a statement. Of those attempts, almost half of heuristic detections were attempts to visit a financial phishing page, where the aim was, for example, to obtain valuable personal information from users, such as their account numbers for banking, credit accounts, social security numbers, and the login and passwords they use to access online banking.

The report found that banking phishing schemes are the “absolute leaders” among all types of financial phishing. Every fourth (25.76%) attack used fake online banking information, or other content related to banks – a result that is 8.31% higher than in 2015. The share of phishing related to payment systems and e-shops accounted for 11.55% and 10.14% respectively, an increase of 3.75% and 1.09% compared to 2015. The share of financial phishing detected on Mac operating system computers was 31.38%, the release added.

Kaspersky said that financial phishers are “particularly keen” to use data related to top multi-national banks, popular payment systems and Internet shops and auctions from the United States, China and Brazil in their scams. The list of brands used stays the same from year to year, as their popularity remains high and they are therefore a lucrative target for cybercriminals, the cybersecurity company explained.

“Financial phishing has always been one of the easiest ways for cybercriminals to earn illegal money,” noted Nadezhda Demidova, senior web content analyst at Kaspersky Lab. “You don’t have to be a skilled programmer, and you don’t have to invest lots of money into supporting infrastructure. Of course, most phishing schemes are easy to recognize and avoid, but judging by what we see in our statistics, lots of people are still not cautious enough when it comes to dealing with financial data online.”

Other results included:

• In 2016, the number of users attacked with banking Trojans increased by 30.55% to reach 1,088,900;
• 17.17% of users attacked with banking malware were corporate users;
• Users in Russia, Germany, Japan, India, Vietnam and the U.S. are the ones most often attacked by banking malware;
• Zbot remained the most widespread banking malware family (44.08% of attacked users), but in 2016 it was actively challenged by the Gozi family (17.22%);
• In 2016, the number of users that encountered Android malware increased 430% to reach 305,000 worldwide; and
• Russia, Australia and Ukraine are the countries with the highest percentage of users attacked by Android banking malware.