Phishing Site Longevity Shrinking

Wednesday, December 14, 2016 @ 02:12 PM gHale

Phishing is an ever growing attack method, and it is easy to understand why because as quickly as a site appears, it goes away just as fast to escape detection.

That shows as 84 percent of phishing sites observed this year existed for less than 24 hours, with an average life cycle of under 15 hours, research showed.

RELATED STORIES
Big Jump in Per Day Malware Detected
Flash Player Tops Exploit Kit Attacks
Android Attacks Set to Rise: Report
Holidays Start with Malware Jolt

Today’s phishing attacks have become increasingly sophisticated and carefully crafted in order to obtain sensitive information from specific organizations and people, according to the data collected Webroot’s Quarterly Threat Report.

“Our data shows that a phishing site can last for as little as 15 minutes,” said Hal Lonas, chief technology officer for Webroot. “In years past, these sites could endure for several weeks or months, giving organizations plenty of time to block the method of attack and prevent more victims from falling prey. Now, phishing sites appear and disappear in the span of a coffee break, leaving every organization, no matter its size, at an immediate and serious risk from phishing attacks.”

During 2016, there was an average of over 400,000 phishing sites observed each month. To keep up with the incredibly short phishing life cycles and sheer volume of phishing sites and URLs, old techniques that use static or crowdsourced blacklists of bad domains and URLs must end up abandoned. With over 13,000 new phishing sites per day and 84 percent only lasting 24 hours (11,000 sites), these lists become obsolete within moments of being published.

Nearly all of today’s phishing URLs end up hidden within benign domains. The practice of phishing attacks using dedicated domains has disappeared. URLs now must end up checked each time there is a request because a page that was nonthreatening just seconds ago may have since been compromised.

Google, PayPal, Yahoo and Apple end up heavily targeted for phishing attacks, Webroot took a closer look at the companies for which impersonation would likely cause the largest negative impact. Of these Google was the most heavily targeted of these “high-risk” organizations, with 21 percent of all phishing sites between January and September 2016 impersonating the company.

“Current phishing campaigns can affect just about anyone within any organization,” the report said. “And the losses from successful phishing attacks can be devastating. For example, the FBI recently reported that companies have lost billions of dollars in just the past few years from employees being tricked, often by phishing attacks, into making fraudulent wire transfer payments.”

Click here to download the Webroot Quarterly Threat Report.



Leave a Reply

You must be logged in to post a comment.