Tue. Nov 12th, 2019

Akamai: Cybercriminals are developing and deploying phishing toolkits for businesses

2 min read

Akamai released the “Phishing — Baiting the Hook” report. Research shows that cybercriminals are using enterprise-based development and deployment strategies (such as phishing-as-a-service, PaaS) to take advantage of some of the world’s largest technology brands for personal gain. In the report, 42.63% of domains observed targeting Microsoft, PayPal, DHL, and Dropbox.

The report shows that phishing is no longer just an email-based threat, but extends to social media and mobile device channels, raising a wide range of issues across all industries. According to the US Federal Bureau of Investigation, between October 2013 and May 2018, losses caused by BEC attacks worldwide exceeded $12 billion.

Internal Revenue Service phishing

“Phishing warning”by Christiaan Colen is licensed under CC BY-SA 2.0

Martin McKeay, an editor of Akamai’s Internet Development Security Report, said: “Phishing is a long-term problem that we expect will have adversaries continuously going after consumers and businesses alike until personalized awareness training programs and layered defense techniques are put in place.”

According to the report, cybercriminals operate through well-organized and sophisticated phishing toolkits, targeting global first-line brands and their users across industries. During the survey, 6035 malicious domains and 120 toolkit variants targeted the high-tech sector, making the high-tech industry a prime target for phishing attacks. This is followed by financial services, with 3,658 malicious domains and 83 toolkit variants targeting the field, making it the second most vulnerable industry. E-commerce (1979 malicious domains, 19 toolkit variants) and media (650 malicious domains, 19 toolkit variants) are also among the attack list. During the period covered by the report, a total of more than 60 global brands became targets.

According to Akamai’s monitoring results, Microsoft, PayPal, DHL, and Dropbox are the most popular brands for phishing. Among them, fake Microsoft’s malicious domain accounted for 21.88% of the total (3,897 malicious domains and 62 toolkit variants); fake PayPal’s malicious domain accounted for 9.37% of the total (14 toolkit variants); fake DHL’s malicious domain It accounts for 8.79% of the total (7 toolkit variants); the fake domain of fake Dropbox accounts for 2.59% of the total (11 toolkit variants).

According to Akamai’s research, 60% of the phishing toolkits observed during the reporting period were only able to remain for 20 days or less, and this situation is more common in phishing attacks. This short life cycle is likely to cause criminals to continually develop new circumvention methods so that their toolkits are not perceived.