In addition to the ever prevalent issue of COVID-19 and the problems that came with it, phishing attacks represented another headache users had to deal with in these troubling times.
Phishing attacks involve using spoofs of popular websites and brands to deceive the user into revealing their identifying information on the website in order to extort their personal data.
A report published by Webroot and OpenText states that in comparison with 2019, phishing attacks grew by an astonishing 34.4% in 2020, with a 510% increase seen in the first two months
of the year.
Over 285 million real-world endpoints and sensors were observed in the reports. Besides this, specialized third-party databases were also observed as well as incorporated intelligence from end-users such as Cisco and Citrix to demonstrate the rise of phishing attacks.
eBay’s Dominance for Phishing
The five main targets for phishing attacks for the year were eBay, Apple, Microsoft, Facebook, and Google, with eBay falling victim to the most attacks. It was detected that three out of every ten phishing attacks in February 2020 targeted the online auction site.
By March, the coronavirus pandemic struck, which saw noteworthy increases in phishing attacks towards streaming websites. Attacks rose on YouTube by 3,064%, on Netflix by 525%, and on Twitch by 337%.
The co-author of the report, Prentiss Donohue of OpenText, also stated that cybercriminals and threat actors are evolving and are able to use newer and more sinister tactics to extract the data of users. They do this by framing their phishing attacks and strategies with regards to current events which fool the unsuspecting user.
Why it is Vital to Secure Devices and Data
These attacks further emphasize how crucial it is for users and businesses, regardless of their size or structure, to adopt a multi-layered approach to data security in order to fend off these threats or, at the very least, minimize their impact.
Included in the report were details of how these cybercriminals were able to access and use such data effectively. During 2020, 54% of phishing sites used HTTPS. This meant that hackers were able to bypass the defenses of assurance browsers when they got access to HTTPS-based websites.
After receiving personal login details through phishing attacks, cybercriminals were able to swiftly and efficiently secure this data in their records. Multiple devices surveyed by Webroot were contaminated with some form of malware infection. This left these devices at risk to even more attacks in the future.
These devices were not simply limited to computer devices either, as, among the mobile devices observed by Webroot, 96% of all detected attacks consisted of Trojans and malware found on Android devices.
An important reason as to why hackers were able to target Android phones so quickly was the reluctance of people to update their phones to the latest software. The outdated software accounted for 90% of the infections and viruses found on these devices.