“A new report from PhishLabs shows that Phishing remains the easiest and the most productive attack vector used by criminals.
In their report, set for release on Thursday, PhishLabs said the number of organizations targeted with BEC, or Business Email Compromise / Correspondence, Spear Phishing attacks grew tremendously in 2015 as attackers refined their techniques and sought new victims. In all, 22 percent of Spear Phishing attacks analyzed in 2015 were motivated by financial fraud or related crimes.
‘BEC attacks target smaller more nimble organizations, where exceptions to standard accounting processes are more likely to be made based on personal requests from members of the executive team. Analysis of attack indicators shows that in most cases, targeting requires very little effort. BEC attackers appear to glean the information they need from readily-available public sources and business networking sites,’ the report explains.
On the consumer front, 90 percent of the consumer-focused Phishing attacks targeted financial institutions, cloud-based storage or file hosting, webmail, e-commerce, and payment systems.
While financial institutions and payment services are the most highly targeted organizations on the consumer front, the share of overall Phishing volume declined some last year.
Rounding out some of the basics, the US was the top target of Phishing attacks by a long shot in 2015, with 77 percent, followed by China (5%), France / Great Britain / Australia (3%), Germany (2%), and Canada / Brazil (1%). All other remaining countries rounded out to five percent.
‘Organizations today are spending far more on preventing, detecting, and responding to cyberattacks than ever before,’ the report noted.
‘But amid all of this change, the use of Phishing to exploit the people that use the technology continues to be the most effective way to attack organizations and individuals.’ ”