Phishing improves in quality as major brands are targeted
It used to be easy to spot a phishing email, you just looked out for bad grammar and URLs that clearly didn't correspond to the organization being impersonated.
Recently though they've become harder to detect. According to the latest Global Threat Report from Comodo Cybersecurity, phishing really is getting better and it now represents one in every 100 emails received by enterprises.
The most frequently targeted brands by phishing in the third quarter of 2018 goes to Microsoft (19 percent), followed by PayPal (17 percent) and Google (9.7 percent). Top three phishing emails ranked by subject line over the same period are: 'Your account will be locked' -- PayPal (40 percent), 'Info' -- FedEx (10 percent), and 'August Azure Newsletter' -- Microsoft (eight percent).
Phishing URLs are gaining in popularity, representing 40 percent of the total, although infected attachments remain the most popular technique at 60 percent.
Researchers cite one phishing email as representative of the improvement in quality. An email purporting to be a survey regarding Microsoft Azure's newsletter sported an authentic looking URL and logo, and did not have the telltale grammar or spelling errors that often give away phishing emails. Anyone clicking on the 'Take the survey' button though was sent to a malware-laden webpage to covertly infect them.
Among other things the report highlights are a disturbing increase in malware deployment leading up to major national elections around the world. Comodo researchers documented the impact of malware on elections in Russia, Turkey, Mali, Sierra Leone, Azerbaijan and Columbia. The report also reveals the correlation of malware detection leading up to and immediately following geopolitical crises -- events in the Syria civil war, the ongoing situation around the Iran nuclear weapons agreement, the Israel-Palestine conflict and the military operations of Saudi Arabia against Yemen.
"These correlations clearly stand out in the data, beyond the realm of coincidence," says VP of Comodo Cybersecurity Threat Research Labs, Fatih Orhan. "It is inescapable that state actors today employ malware and other cyberthreats as both extensions of soft power and outright military weapons, as do their lesser-resourced adversaries in asymmetric response."
You can find out more in the full report which is available from the Comodo website.