Cybercriminals increase use of trusted domains to trick victims
Nearly a quarter of malicious URLs are being hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.
This is one of the findings of the latest Webroot threat report which also shows 29 percent of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol.
Among other findings are that one in 50 URLs is now malicious. Phishing is on the rise too, with a 400 percent increase in URLs discovered from January to July 2019. The top industries impersonated in phishing attacks are SaaS/webmail providers (25 percent), financial institutions (19 percent), social media (16 percent) and retail (14 percent).
Phished passwords are being used for more than account takeover attempts too, they are appearing in extortion emails claiming victims have been caught doing something embarrassing or damaging that will be shared with colleagues, friends and family unless a ransom is paid. Attacks are also going after security questions and their answers as well as usernames and passwords.
It's becoming riskier to run Windows 7 too, with infections targeting the OS up by 71 percent. The number of IP addresses hosting Windows exploits also grew 75 percent between January and June this year.
"We are beginning to see hackers create more personalized phishing emails using data gathered in recent massive breaches, as well as the use of HTTPS and trusted domains to seem more legitimate," says Tyler Moffitt, senior threat research analyst at Webroot. "These tactics take advantage of familiarity and context, and result in unwarranted trust. Businesses and consumers need to be aware of and continually educate themselves about these evolving methods and risks to protect their data and devices."
The full report is available from the Webroot site.