Attack volume increases as hackers go phishing for cryptocurrency
There has been a 22 percent increase in phishing volume in the first half of 2021 compared to the same period last year, though there was a dip in June following record highs in May.
A report from digital risk protection company PhishLabs shows that the cryptocurrency sector saw a 10 times increase in attacks in the last quarter compared to the previous one.
Phisherfolk are seeking to cash in on the growing interest in cryptocurrency brought about by economic uncertainty surrounding the pandemic. They are impersonating cryptocurrency businesses to confuse customers and profit from the sector's growth, in a medium where a majority of the industry's communications takes place.
"Bad actors continue to utilize phishing to fleece proprietary information, and are developing more sophisticated ways to do so based on growth in areas such as cryptocurrency and sites that use single-sign-on," says John LaCour, founder and CTO of PhishLabs. "That said, it's interesting to see the significant dip from May to June 2021. We’ll continue to monitor through the summer and analyze if we’re seeing a trend in the right direction, or if attackers simply took a summer vacation."
Among other targets, the average business has experienced approximately 34 attacks on social media per month since the beginning of 2021. By June, however, this number had risen closer to 50, representing a 47 percent increase through the first half of 2021.
Office 365 phishing is the top email threat to corporate users, with 51 percent of credential theft attacks found in corporate inboxes during the second quarter targeting O365 accounts. The report also shows an increasing pattern of threat actors targeting accounts used for single sign-on (SSO), with 45 percent of phishing sites targeting accounts that are commonly used for SSO.
"These core findings paint a very specific picture of what bad actors are turning to in order to infiltrate corporate accounts. For one, as they've gained prominence, crypto exchanges are being targeted with many of the same cyber threats that larger, more established financial institutions have faced for years. Crypto firms need to be aware of and better prepared to deal with online impersonation and other scams," adds LaCour. "Additionally, the continued increase in SSO attacks suggests that criminals recognize that compromising an account used for SSO can give them access to many more secondary accounts that trust the SSO account for authentication. This makes these platforms a highly rewarding target, especially if they gain access to Office365 at the enterprise level. An in-depth approach combining technology, user education and operational processes is needed to combat this trend."
The full report is available on the PhishLabs site.