NormShield, an onlie security company specializing in providing organizations with cyber risk assessments, released it’s new State of Financial Phishing Q1 2019 report. The report shares statistics about phishing attacks throughout the quarter, as well as insights and tips into how SMB and enterprise merchants can avoid falling victim to hackers.
One of the new phishing attack trends of note in 2019 is fraudsters increasingly common ability to mimic the green padlock icon in browser URL bars. This had been considered a key indicator of security, and both merchants and consumers commonly believe sites with the icon to be safe. But while that may have been the case previously, it is no longer the foolproof indicator it once was.
“The padlock icon ( ) at the browser’s address bar (https at the URL) indicates that adomain has a valid SSL or TLS certificate and a certain level of security,” the report says. “However, 15% ofpotential phishing domains registered in H1 of 2019 impersonated banks having validcertificates.”
The report predicts that with the number of sophisticated hackers increasing, and the trust place in the green padlock, this type of attack will be considered an opportunity thieves will increasingly exploit.
Phishing Attacks Impersonating Banks
In addition to the new green lock phenomenon, the report outlines a number of stats about the increasing ubiquity of phishing sites. The proliferation of these kinds of sites indicates that phishing continues to grow as a fraud phenomenon, with merchants of all kinds forced to pay greater attention to avoid the negative potential consequences of exposing their sensitive corporate information — or their customers’ personal information — to fraud.
- Nearly 2K phishing domains were registered in the first half of 2019
- There as a 14% increase in potential phishing domains
- There is now double the risk that potential phishing domains were certified by registrars
Specifically, the report outlines attempts merchants should watch out for, including increasingly common efforts by fraudsters to mimic banking institutions from around the globe.