Recent phishing activity trends have shown a decrease in detected phishing sites, but a big increase in Business Email Compromise attack losses, amounting to circa $80,000 per attack.
While the number of phishing sites is allegedly going down during the pandemic, losses from complex attacks like Business Email Compromise (BEC) scams continue to increase.
According to the Anti-Phishing Working Group (APWG), a non-profit group that works to analyse phishing activity trends, there was a noticeable increase in the average cost of a wire transfer via a BEC attack, from $54,000 in the 1st quarter of 2020 to $80,183 in the 2nd quarter.
The higher demands run counter to the lower number of phishing websites uncovered by APWG’s contributing members: 46,036 websites in June, compared to 48,951 in April & 52,007 in May. June was the month in which the fewest phishing sites were discovered by APWG members.
The statistics are from the group’s Q2 report (.PDF), which outlined activity from April to June, & was published just last week.
BEC attacks can take many different forms, but essentially involve an attacker tricking an executive into making a financial transaction or sending sensitive data.
Agari, a company that helps provide the APWG statistics on phishing trends, said BEC attackers requested an average of $1,213 in gift cards during Q2 of 2020, adding that attackers request funds in the form of gift cards in 66% of BEC attacks, while 16% are payroll diversions & 18% are direct bank transfers.
The numbers around gift cards are reasonable, especially when you consider that $1,200 is not a gigantic amount. The attacks are not as profitable as, for example, a wire transfer, but have a “decent chance of success, because they can be approved by multiple people in a medium-to-large company, & the amount is small enough to slip by some companies’ financial controls,” the report suggests.
Working from Home
As mentioned, the average amount sought in attacks involving wire transfers increased, from $54K to $80K, likely taking advantage of the fact that many executives are now working from home, which could lead them to either not read an email fully, or be easily distracted & accede to an attacker’s demands.
The report also explains which websites are the most targeted: SaaS & webmail sites accounted for 35% of all attacks, but social media attacks also saw an increase (20% over Q1), due to attacks against Facebook & WhatsApp.
Other findings in the report include an increase over time in phishing sites protected by HTTPS, which makes links to those sites look legitimate. A company cited in the report, PhishLabs, discovered that 77.6% of phishing sites in Q2 of 2020 used SSL/TLS certificates.