Phishing Attacks Most Frequently Target Payment Service Users

According to the “Phishing Activity Trends Report” by the Anti-Phishing Working Group (APWG), 39% of all phishing attacks in the first half of 2018 targeted users of payment services. The number of phishing emails increased by 46% compared to the second half of 2017.

Main Victims of Phishing Attacks

The report highlights that payment service users were the primary victims of phishing attacks during this period, accounting for 39% of all incidents. There was also a slight increase in phishing attacks on SAAS providers and webmail services (19% of all phishing attacks), as well as on hosting and file-sharing sites (11%), according to APWG member company MarkMonitor.

Phishing Domains and Hosting Providers

Chris Hails, an expert at RiskIQ, analyzed the domain names used by scammers. He found that cybercriminals often register their domains through cheap, popular registrars. As a result, the use of phishing domains often correlates with the market share of top-level domains, and the hosting providers associated with phishing sites are usually the largest ones. For example, GoDaddy, the largest hosting provider in the first half of 2018, was also the main registrar linked to phishing campaigns.

Use of HTTPS and SSL Certificates

PhishLabs reported that by the second quarter of 2018, more than a third of phishing attacks used websites with HTTPS and SSL certificates. This trend is partly due to the growing popularity of SSL certificates on the internet, but the main reason is that scammers want to make their sites appear as legitimate and trustworthy as possible.

About APWG

The APWG is a global coalition of industry representatives, law enforcement agencies, and governments working to create a unified global response system to phishing attacks and other cybercrimes.