According to an analysis of the views of financial threats conducted by Kaspersky Lab experts, nearly half of phishing attacks (email scam and fake sites that mimic legitimate ones ) registered by the company in 2016 was intended to steal money to the victims.
Last year the number of financial phishing attacks increased by 13.14% compared to 2015, accounting for 47.48% of all blocked phishing attacks.
In 2016, Kaspersky Lab’s anti-phishing technologies have discovered almost 155 million attempts by users to visit different types of phishing pages. Close to half of these had the purpose of obtaining personal information from users such as IBAN, credit accounts, social security number, username and password used to turn online banking. And cyber criminals wanted to use this information to steal money from their victims.
Among all types of financial phishing, banking is certainly the most widespread. An attack in four (25.76%) has used false information for online banking or other indications related to banks (+8.31% on 2015). The percentage of phishing related to payment systems and the online purchases respectively is 11.55% and 10.14%, an increase of 3.75% and 1.09% compared to 2015.
The financial phishing has always been one of the easiest methods for cyber criminals to make money illegally. You need not be an experienced programmer or invest much money in supporting infrastructure. Clearly, it is easy to recognize and avoid most phishing attacks, but many people do not make enough attention when they use their financial data online.
To protect yourself from phishing, Kaspersky Lab experts recommend that users take the following measures.
- Always check the site’s authority when making online payments. The connection must be protected with https protocol and domain must belong to the same organization that is targeted payment.
- Always check the legitimacy of emails that are received by the well-known brand. Even if you have urgent need to do something, how to change your password, first of all, we must check that the email was sent from a valid sender. You should contact your representative of your bank or payment system to ensure that the email was actually sent to the sender.
- Do not click on links in emails or web pages if you have doubts about their legitimacy.
- Use a security solution certified with anti-phishing technologies based on behavior. This will help identify even the latest phishing scams that have not yet added to the anti-phishing database.