The latest analysis by the Microsoft Security Intelligence Team shows that the number of attacks through phishing has skyrocketed by 250% in the past 2018. Attacks using malware during the same period were reduced by about 34%, indicating that cyber-hacking groups also targeted phishing attacks.
Microsoft pointed out that some hacker groups will use a variety of methods to phish at the same time, such as sending phishing emails and frequently changing different phishing URLs.
The security intelligence team also scanned 470 billion emails sent and received by Office 365 customers, and attackers attempted to spread widely into the internal network.
Phishing remains one of the top attack vectors used to deliver malicious zero-day payloads to users, and Microsoft has continued to harden against these attacks with additional anti-phishing protection, detection, investigation, and response capabilities to help secure users.
Microsoft researchers have found that many different types of phishing lures or payloads are being employed
in campaigns, including:
• Domain spoofing (the email message domain is an exact match with the original domain name)
• Domain impersonation (the email message domain is a look alike of the original domain name)
• User impersonation (the email message appears to come from someone you trust)
• Text lures (the text message appears to come from a legitimate source such as a bank, government agency, or other company to impart legitimateness to their claims and typically asks the victim to provide sensitive information such as usernames, passwords or sensitive financial data)
• Credential phishing links (the email message contains a link to a page that resembles a login page for a legitimate site, so users will enter their login credentials)
• Phishing attachments (the email message contains a malicious file attachment that the sender entices the victim to open)
• Links to fake cloud storage locations (the email message appears to come from a legitimate source and entices the user to give permission and/or enter personal information such as credentials in exchange for accessing a fake cloud storage location)
The Microsoft Cloud Protection System detects 6.5 trillion threat signals every day, and the final conclusion is that malware attacks fell by 34% in 2018. However, mining software has shown a wave of changes in the past year, mainly in the first half of last year, the virtual currency market is relatively hot, so many hackers are ready to move. Microsoft said that mining software attacks can allow hackers to call thousands of computers and steal processing power, while virtual currency anonymity makes tracking difficult.
In the illegal mining software theft monitored by Microsoft, the average rate of mining software attacks found in Ireland/Japan/USA/China is about 0.2% per month. This means that at least two of every 1,000 computers per month experience illegal mining software and this mining software is often infected with malware or rogue software.
Most illegal mining software attacks on the desktop are Monero coins. Statistics show that about 5% of Monero coins are currently mined by malware. However, in the second half of last year, the virtual currency market began to bear a bear market, and then the illegal mining software attack also gradually decreased with the bear market and fell by about 36%.