Cybercriminals used phishing attacks to steal user data and money, according to a recent Kaspersky Lab report.
Phishing attacks skyrocketed in the financial services industry and IT sector early this year, according to the Spam and Phishing in Q2 2018 report from Kaspersky Lab. Over a third (35.7%) of phishing attempts were in the financial services industry, with the IT sector coming in second at 13.83%, according to the report.
One of the most popular and easiest methods of cyberattack, phishing is not a new attack vector used by cybercriminals on businesses. In fact, more than half (54%) of companies receive phishing emails regularly, leaving companies at a constant threat of attack.
Phishers especially targeted finance companies last quarter, attacking banks, e-shops, and payment systems, according to Kaspersky Lab. The focus on money theft should not only encourage users to protect their finances, but also protect their data as they navigate online banking systems, said the press release.
Attackers create false payment or shopping sites and steal sensitive information like name, password, email, phone number, credit card information, and PIN, warned Kaspersky Lab.
SEE: Phishing and spearphishing: A cheat sheet for business professionals (TechRepublic)
Another strategy cybercriminals used focused on popular cryptocurrency wallets, which phishers would use to try and force victims to transfer cryptocurrency, said the report. Scammers also attempted to use the names of new ICO projects to try and trick potential investors into contributing funds, added Kaspersky Lab.
"The permanence of attacks targeting financial organizations reflects the fact that more and more people are using electronic money," Nadezhda Demidova, lead web content analyst at Kaspersky Lab, said in the press release. "Still, not all of them are sufficiently aware of the possible risks, so intruders are actively trying to steal sensitive information through phishing."
Kaspersky Lab recommends always checking the link address and sender email address before clicking a link you find in an email, only using secure connections, checking HTTPS connections, never sharing personal passwords or data, and employing anti-phishing technologies to stay safe.
The big takeaways for tech leaders:
- Phishing attacks targeted the finance and IT industries more than others in Q2, according to Kaspersky Lab.
- A rising number of phishing attacks shine light on the importance of keeping sensitive information secure, as well as being cautious when conducting financial transactions online.