Phishers Increasingly Targeting SaaS and Webmail Services, APWG Reports

By CircleID Reporter

Most-Targeted Industry Sectors
APWG Report, 4th Quarter 2018
According to the latest report from Anti-Phishing Working Group (APWG) while the total number of conventional, spam-based phishing campaigns declined in 2018, users of software-as-a-service (SaaS) systems and webmail services are increasingly targeted.

The decline: "The number of confirmed phishing sites declined as 2018 proceeded. The total number of phishing sites detected by APWG in 4Q was 138,328 — down from 151,014 in Q3, 233,040 in Q2, and 263,538 in Q1. This general decline in the number of phishing campaigns as the year went on may have been a consequence of anti-phishing efforts — and/or the result of criminals shifting to more specialized and lucrative forms of e-crime than mass-market phishing."

Is it a decline: APWG points out that there is a growing concern the drop may be due to under-detection. "The detection and documentation of some phishing URLs has been complicated by phishers obfuscating phishing URLs with techniques such as Web-spider deflection schemes — and by employing multiple redirects in spam-based phishing campaigns, which take users (and automated detectors) from an email lure through multiple URLs on multiple domains before depositing the potential victim at the actual phishing site."

New targets: Phishing that targeted SaaS and Webmail services increased from 20.1 percent of all attacks in Q3 to almost 30 percent in Q4 of 2018. "Attacks against cloud storage and file hosting sites continued to drop, decreasing from 11.3 percent of all attacks in Q1 2018 to 4 percent in Q4 2018."

Related topics: Cyberattack, Cybersecurity, Email

Comments