Organizations Most at Risk of Phishing
Phishing is a rapidly damaging cybercrime that has targeted a wide variety of domains and organizations. It has evolved past email into Vishing and Smishing. The question logically arises: who are the intended targets of these attacks? Why do the cybercriminals feel the need to come up with newer and newer techniques to bait victims? The answer is simple: they want to go big. A cybersecurity report by Akamai Technologies has publicised the domains and companies most at risk of being targeted for phishing attacks.
Commonly targeted Domains
Just about any organization having an online presence can be targeted for phishing. However, some targets are more lucrative and successful attacks result in a bigger payoff for the criminals. Following are the domains most likely to be targeted for phishing:
Almost everyone – from working individuals to entrepreneurs – use banks, credit, digital payment services, investment firms, and other financial services to conduct everyday business. Phishers have a wide arsenal to target financial institutions. Read our blog post on BEC attacks to understand some of the techniques used for hijacking emails of the ‘big money’ institutions.
Defence and Military Organizations
Such organizations are targeted through spear phishing. In this case, intruders send well-crafted and personalized bait emails to the high-ranking institutions’ personnel to steal sensitive government and military data.
The sad thing about this type of cybercrime is that it attacks the one thing online retail stores have struggled to achieve: customers’ trust. Payment gateways like PayPal and Google Pay are fast becoming ubiquitous among the most common of individuals. There is, therefore, no surprise that phishing turned its radar towards businesses’ online transaction systems. Buyers and sellers among the public don’t have any second thoughts about using the Internet as just a virtual equivalent of stores. Internet offers high-speed, efficiency, and convenience. The very success of retailers using Internet and online payment technology makes them such ripe targets for phishers.
Small and Big Businesses
About 60 percent of small businesses that have been hacked go out of business within six months of being phished. A single successful attack ruins the trust and faith of the clients. It throws mud on the company’s reputation. With phishing scams on the rise, businesses need to be aware of the various attacks in circulation and how to be prepared if they fall victim to a malicious cyber-attack. Our blog on identity theft gives details of PII theft and also contains some means of protecting yourself and your organization from falling prey.
Well-Known Organizations Targeted for Phishing
Hackers are mostly targeting the high technology industry, Akamai claims. It has analysed 6,035 domains and identified 120 kit variations in the industry. The second most-targeted industry was financial services, with 3,658 domains and 83 kit variants used, followed by e-commerce as third.
Microsoft, PayPal, DHL, and Dropbox were the top targeted brands. Microsoft took up 21.88 per cent of total domains, followed by PayPal with 9.37 per cent, DHL with 8.79 per cent and Dropbox with 2.59 per cent.
“Phishing is a long-term problem that we expect will have adversaries continuously going after consumers and businesses alike until personalized awareness training programs and layered defence techniques are put in place.” – Martin McKeay, Editorial Director of the State of the Internet/Security report for Akamai.