For years the financial industry and email providers have been the top targeted industries, making up more than 50 percent of the total pie. In 2017, this was certainly still the case, but there is a new rapidly rising threat to the software as a service (SaaS) space as well.
Today we are excited to announce the release of PhishLab’s annual Phishing Trends and Intelligence (PTI) Report. This year’s report provides first-hand, in-depth data and analysis of the events and trends currently shaping the cybersecurity threat landscape.
As with past PTI reports, the goal of the information within is to provide the context and perspective needed to understand why changes are happening and how to better defend against rising threats.
Like years past, phishing continues to be an evolving threat. What once was a simple attack that would hit everyone from your neighbors to your colleagues’ inboxes has since expanded to different medians and tactics growing in sophistication.
Topics: PTI Report
RSA 2018 is nearly here and with it PhishLabs will unveil the emerging cybercrime trends and intelligence contained within this year’s Phishing Trends and Intelligence Report.
In addition to this year’s PTI report findings, our Director of Threat Intelligence, Crane Hassold, will be onsite discussing how he discovered and tracked the recently indicted Iranian’s tied to the Mabna Institute.
It probably comes as no surprise that the second quarter of 2017 brought changes in the phishing landscape. A dramatic increase (41%) in overall phishing volume was observed by the PhishLabs research team. Additionally, there have been shifts in the industries that are being targeted. This is further evidence that the threat landscape is both thriving and volatile as cybercriminals pivot and exploit different targets.
After years of gathering and analyzing phishing data, only one thing is certain - phishing continues to be a successful attack method for cybercriminals.
For the past several years, we’ve released an annual report during the first quarter of the year detailing precisely how the phishing landscape had evolved during the preceding 12 months.
Over the last decade phishing has exploded. Volume has increased every year, with threat actors reliably focusing the majority of their efforts on the same five or six industries.
It was a serious threat, of course, but it had become somewhat… predictable.
But in 2016, some major changes occurred. In just 12 months, the entire phishing landscape shifted.
In the past few years, you’ve no doubt started to see some pretty strange website suffixes.
You know the ones we mean. It isn’t just .COM, .ORG, and .NET anymore. Now you’ve started seeing .XYZ .NEWS .STUDIO and plenty of others.
In late 2015, malware trends hinted a ransomware epidemic was on its way.
And what happened? Less than three months into 2016, security analysts had branded it the ‘year of ransomware’.
Even popular media outlets were covering ransomware cases on an almost daily basis, and both consumers and businesses the world over would come to understand exactly what the word ransomware really means.
So what happened? After all, ransomware has been around for decades, so why the sudden explosion?
“For any study or research project, the ultimate assessment of validity is independent duplication of results.”This quote was the first line of an email I received a few days ago from Crane Hassold, our senior security threat researcher at PhishLabs.
And since we’ve recently published our annual Phishing Trends & Intelligence (PTI) report, I was interested to learn more.