Blog
Cybercriminals Exploit Human Nature Through Phishing and Spam Attacks
Posted: 6th April 2021
By: INSIKT GROUP
Editor’s Note: The following post is an excerpt of a full report by Gemini Advisory. To read the entire analysis, click here to view the full report.
Background
Payment card and bank account phishing—a method in which fraudsters trick victims into unwittingly providing payment card data, login credentials, or personally identifiable information (PII)—has always been a popular criminal scheme. However, many indicators show that phishing attacks rose sharply in 2020. From 2019 to 2020:- TheFBI reported a 110% increase in phishing victims
- Gemini identified a 72% increase in the volume of dark web forum posts referencing phishing
- Gemini identified a 101% increase in the volume of compromised US payment cards with a high likelihood of being phished that were posted for sale on the dark web
Key Findings
- Phishing attacks sharply increased in 2020 with the FBI reporting a 110% increase in phishing victims. Gemini Advisory identified a 72% increase in the volume of dark web forum posts referencing phishing and a 101% increase in the volume of compromised US payment cards with a high likelihood of being phished that were posted to the dark web.
- Dark web actors are increasingly advertising bank-specific phishing pages and associated services that target customers of small and mid-sized financial institutions. This marks an expansion from established methods of creating generalized phishing sites or phishing sites for major companies with large customer bases.
- Fraudsters leverage “useless” compromised payment card data and personally identifiable information (PII) and “bank leads” to harvest victims’ email addresses, phone numbers, and financial institutions for the purpose of creating target lists.
- While small and mid-sized financial institutions, as well as their customers, are less accustomed to targeted phishing campaigns, the well-established best practices for protecting against phishing attacks serve as their best mitigation strategies.