Webroot Quarterly Threat Trends Report Reveals 1.5 Million New Phishing Sites Created Each Month

Webroot has published its Quarterly Threat Trends Report for Q2, 2017 which highlights the growing threat from phishing. On average, each month in Q2 saw 1.385 million new phishing webpages created each month, although there was a major spike in May when 2.3 million new phishing websites were detected. On average, more than 43,000 new phishing websites are created each day.

The quality of the sites has also increased. It is now virtually impossible to tell from the content of the page whether the website is genuine. The websites are highly realistic and use the same imagery, color schemes, logos and graphics as the sites they mimic. The only tell-tale sign that the websites are not genuine are the domain names used.

The most commonly spoofed brand is Google. 35% of phishing sites impersonate Google to obtain Gmail and Google Drive credentials. Chase bank is the second most spoofed brand accounting for 15% of sites followed by Dropbox (13%), PayPal (10%), Facebook (7%), Apple (6%), and Yahoo and Wells Fargo (4%).

The websites have a common purpose. To fool consumers and business users into revealing sensitive information such as credit card numbers, other financial information, and other login credentials or installing malware. Users are directed to the websites using hyperlinks sent in spam emails, redirects from other websites, and malvertising.

The websites are also short-lived and are only used for a few hours. Webroot notes that the typical active time of a phishing site is just 4-8 hours. Since blocklists are often days out of date, phishers can avoid this common protection method. By the time a website is determined to be malicious and is added to a blacklist, it has already been used and abandoned.

Webroot notes that phishing attacks have increased in sophistication with the spray and pray tactics now accompanied by much more targeted attacks. Social engineering techniques are used to fool end users into visiting the malicious websites and revealing their credentials and the malware used on the sites is more malignant than in years gone by.

Phishing is now the biggest threat faced by businesses and consumers and is the primary cause of data breaches. Research conducted by PhishMe suggests 91% of data breaches start with a phishing email and Verizon reports that 90% of breaches are caused by phishing. The FBI’s figures indicate the cost from phishing to US businesses has now reached $500 million a year.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.