Phishing attacks reduce but more companies are targeted

Threat detection company RiskIQ has released the latest of its quarterly reports into threat trends, this one looking at phishing.

It finds that in the second quarter of 2017 there were 39,320 unique phishing domains, down from 45,025 back in the first quarter. However, there were 316 targeted phishing brands in Q2 -- up 15.7 percent from the 273 brands targeted in Q1.

"Threat actors are always innovating, creating new methods to lure victims into gaining access to their financial information, PII, and user accounts," says RiskIQ's Andrew Geiger writing on the company’s blog. "Any angle they can play to get their victims to enter their information, they'll use."

While financial services and digital transactions continue to be a favorite target due to the valuable, sensitive data they collect, healthcare companies and major software providers are also regulars in the top-10 most-phished brands list.

In Q1, the most-phished brand was a leading digital transaction provider followed by a multinational consumer electronics provider. In Q2, it was a major bank followed by the same consumer electronics provider.

When it comes to the domain registrars used for phishing sites, the top five include big names like GoDaddy, Tucows and Enom. Attackers are also increasingly using privacy protected or fake Whois registrations in order to make life harder for threat researchers.

You can find out more about the results on the RiskIQ blog.

Image Credit: Maksim Kabakou / Shutterstock