According to the Anti-Phishing Working Group, the main targets of campaigns registered in Brazil are “software as a service” and webmail services, followed by financial institutions and e-commerce services.
In one of the talks at the latest edition of the BlackHat security conference, held in August this year, Elie Bursztein from Google and Daniela Oliveira from the University of Florida explained why phishing attacks are still so effective today. The experts identified some key points to explain this phenomenon, including: its constant evolution, the persuasion techniques they use and the lack of knowledge among users about what phishing is.
Phishing campaigns via email are one of the most common cyprus phone number data methods used by cybercriminals to carry out an attack. Most users have probably opened an email at some point that pretends to be from a company and asks them to click on a link or download an attachment, considering that this is a practice that has been around for over 20 years.
Learn about one of the main security tools for your company: ESET Secure Authentication.
In Brazil, according to information published by the Anti-Phishing Working Group (APWG), phishing on mobile devices has increased and cybercriminals behind phishing campaigns have targeted “software as a service” (SaaS) and webmail services, followed by financial institutions and e-commerce services. In addition, attackers have also deployed malware targeting multiple banks simultaneously. In total, 3,220 phishing cases and 180 malware cases were observed between January and March 2019. These attacks were mainly aimed at Brazilian brands or foreign services that are available in Portuguese in Brazil.
Source: Phishing Activity Trends Report, produced by the Anti-Phishing Working Group (APWG).
But before we continue, let's explain what phishing is so that the concept can also become clearer to some readers. Phishing is a malicious message spread through digital means, such as email or WhatsApp, that seeks to influence a user to take an action contrary to their interests, such as clicking on a malicious link, opening a malicious attachment, or even reading false information. The consequences of phishing can range from installing malicious software, stealing account access credentials, and/or manipulating user opinions.
To understand the growth of phishing in the current security scenario, Google, for example, blocks more than 100 million phishing emails per day. On the other hand, according to a global report published this year by Verizon, 32% of known security breaches in 2018 began through phishing and 78% of security incidents aimed at spying or installing a backdoor were carried out through phishing attacks.