A new Trustwave SpiderLabs study reveals "interesting changes" in delivery methods, techniques, themes, and target brands of email phishing directed against financial services.
Free access to this article is provided to you by MU Group.
Fraudsters using phishing messages in their attacks targeted at financial services most often impersonate the technology giant Microsoft and the international banking company American Express. This is according to the 2023 Financial Services Sector Threat Landscape report prepared by Trustwave SpiderLabs, which analyzes the threats faced by the financial services industry.
The report lists phishing and malicious software transmitted by email as the two most commonly used methods of gaining access to organizations, with Trustwave SpiderLabs observing "interesting changes" in delivery methods, techniques, themes, and targeted brands of attacks on financial services in the past year. According to the report, such changes have contributed to the further significance and effectiveness of these types of attacks.
Financial services are increasingly in the crosshairs of cybercriminals. Recent research conducted by Akamai showed an increase in the number of attacks on web applications and application programming interfaces (APIs) aimed at the global financial services industry. These attacks increased by 65% in the second quarter of 2023 compared to the second quarter of 2022. The study also showed that the financial services sector is currently the main target of DDoS attacks, with the EMEA region accounting for 63.5% of global DDoS events.
Data from Trustwave SpiderLabs' financial services client base also indicate that HTML files are the most common malicious attachments in emails and account for 78% of all assessed malicious attachments. They are mainly used for phishing authentication data, redirects, and smuggling HTML, with 33% of such files using obfuscation as a way to avoid defense. According to the report, attackers rarely used PDF files (3%), Excel (2%), and Word documents (1%).
Voice notifications, payment receipts, purchase orders, money transfers, bank deposits, and quote requests were the most common themes of malicious email attachments, with American Express (24%), DHL (21%), and Microsoft (15%) being the most frequently counterfeited brands.
From customizing your CV, to simulating job interviews. Here are four ways to use AI capabilities to land your dream job.
In 2024, AI will bring about significant changes in the area of project and human resources management in small and medium-sized companies, and its proper use can affect not only work efficiency, but also savings. How to make the potential of this technology work to the benefit of your company?
As the only company in the world, it is able to produce processors in the most advanced 3 nm technology. In addition, it owns the most expensive factory ever built, and its clients are Apple, NVIDIA and Intel. How did it happen that Taiwanese TSMC became one of the most important companies in the world?
The European Union has decided to extend the ban on so-called behavioral advertising on Facebook and Instagram services. The previous ban introduced by Norway, a country not a member of the EU, will now apply in 30 community countries.
English