2017 Was an Excellent Year for Criminals Executing Phishing Attacks

Internet users are subject to some major external threats these days. It has become evident that phishing is still one of the biggest concerns to take note of right now. A new report issued by APWG shows that cryptocurrency users are – and will remain – a major target for phishing campaigns.

The Future of Phishing Attacks

Any report related to phishing attacks needs to be taken seriously these days. Even though some people will dismiss phishing as something users bring upon themselves by not taking the necessary security precautions, criminals are also getting a lot craftier when it comes to tricking people into visiting fake websites. A new report from APWG covers phishing activity during the first half of 2017 and shows that the number of phishing attacks rose despite security firms’ best countermeasures.

One of the more worrisome trends highlighted in this report is that criminals are starting to use better domain names for their phishing purposes. There has been an increase in country-code top-level domain names being used for this specific purpose, which is not a positive development. There has also been an increase in the number of regular .com and .net domain names related to phishing activities. As most cryptocurrency users have noticed, the domain names used by phishers have resembled the real deal quite closely as of late.

While none of these threats are exactly new, it goes to show there is still a lot of work to be done to protect cryptocurrency users from such attacks. Whether or not any security firms can make any impact in this regard remains to be determined as of right now. Methods of attack include email phishing, SMS phishing, and even fake phone calls. So far, all of these attack vectors have proven to be more than successful.

With nearly 300,000 unique phishing attacks reported in the first half of 2017, it is clear something needs to be done sooner rather than later. Although “only” 640 brands were involved, these phishing attacks were targeted at 15 million users. Although the actual damage has yet to be assessed, it is possible billions of dollars were lost in the process. A portion of that amount came from cryptocurrency phishing.

It is evident that consumers will need to take matters into their own hands. Any incoming link, email, or text message from an unknown sender needs to be scrutinized. Even so, there is still a good chance that some attacks will slip through, potentially exposing thousands of users to criminal creativity. Especially in the mobile department, more solutions need to be found sooner rather than later.

It is a bit unclear what the future holds for cryptocurrency-related phishing. With multiple exchanges having been targeted in 2017, it seems we can expect more of the same throughout 2018. Combating this growing trend is virtually impossible unless the entire industry comes together and creates a united front. We can only hope future reports will be more positive than last year’s, but for now, it seems highly unlikely that will be the case.