The Quarterly Threat Trends Report published by Webroot this month shows there has been a significant increase in the number of new phishing websites being launched each month.
May 2017 saw a record number of new phishing websites created, with more than 2.3 million new websites detected in the month of May alone. Figures for the quarter show there are now well over 1 million new phishing websites created each month, which equates to more than 46,000 new phishing websites every single day. The monthly average number of new phishing websites is 1,385,000.
One of the main problems is the short lifespan of phishing websites. On average, a phishing website is created and used for only 4-8 hours. During that time, the site may be visited by many thousands of individuals, but the short time frame makes it hard for the websites to be detected and blocked.
Webroot reports that there is typically a significant lag time between sites being identified as malicious and being included on website blacklists. The lag time can be as long as 3-5 days. By the time the sites are added to the blacklists, they are no longer active and scammers have moved on to new domains.
Webroot’s analysis shows phishing is the leading cause of cyberattacks. With the high volume of new phishing websites being created every month, that is unlikely to change in the foreseeable future.
Phishing attacks are also becoming much more sophisticated and highly targeted. In the past, the most common tactic was to send phishing emails randomly in huge volumes in an attempt to fool as many people as possible. Email scams were simply a numbers game.
This year has seen an increase in smaller phishing campaigns, with the campaigns now highly targeted. The quality of the emails is higher, phishing emails are much harder to identify as malicious, and victims are researched. By researching victims and sending targeted emails, the success rate is far higher. The smaller volumes of emails also make it harder to detect and mitigate the attacks.
While the number of phishing websites being created has increased substantially in 2017, there has not been a major increase in the number of impersonated brands. The scammers are still concentrating on a small number of companies, with Google (35%), Chase (15%), Dropbox (13%), PayPal (10%), Facebook (7%), and Apple (6%) the most targeted. Yahoo, Wells Fargo, Citi and Adobe make up the rest of the top 10.