Nearly 500 Million Fake Website Pages Invade 2018 Phishing Emails

The latest Kaspersky Lab report Spam and Phishing 2018 sheds a huge spotlight on the most popular hacking technique to date. In 2018, 482 million bogus websites were sent to inboxes everywhere. Users were hit with email phishing, including fake website pages. Never known to miss an opportunity, hackers used creative topics for lures, including the 2018 FIFA World Cup and Apple’s latest iPhone launch. With spam emails accounting for 53.5% of email traffic worldwide, there’s a good chance that many of the emails clogging your inbox are fake. We know a world of hurt is waiting for those who get caught in a phishing scam, including financial mayhem and identity theft. Ouch.

Historically a favorite target for all types of hacking, financial institutions are squarely in a hacker’s cross-hairs and phishing efforts are anything but slowing down. In fact, 44% of all phishing campaigns involved banking, credit organizations, online shopping, and payment systems. Taking a global look at phishing in 2018, the countries most targeted were China at 11.69%, the U.S. in second with 9.04% (the year prior, the US was first), and Germany in third at 7.17%. If you live in the U.S., prepare to receive a phishing email from your financial institution or credit card company. It will likely end at a bogus financial web page. If you take the bait, data like account numbers and passwords will belong to the hacker. After that happens, they’re off with your money and maybe much more.

Keeping the financial industry cybersafe is proving a serious challenge. Financial institutions need to be prepared with systems that thwart hacks and protect client data. On the other hand, cybercrooks don’t let up. Knowing that, the first defense against phishing just might be the individuals who navigate cyberspace every day, at home or at work. One of a hacker’s greatest foes is a user who knows the signs of email phishing. Below are suggestions to keep yourself safe from phishing emails, especially those targeting your finances:

- Always use a secured Wi-Fi with a password, especially when visiting sensitive websites like your financial institution and investment sites. Using public Wi-Fi puts you in danger of being hacked; and hackers can redirect you to phishing pages in a heartbeat. Also consider using a VPN that works for you when hooking up to public Wi-Fi. Just research to ensure you’re not downloading a malicious one.

- If you’re not expecting an email, approach with caution. There’s a good chance that these links or attachments are fake or full of malware. It’s not worth the risk to find out.

- Always double-check URLs. Make sure the address is genuine and not a cover for a hyperlink. Hackers easily create bank and other look-alike addresses, so carefully check the URL spelling and look for odd characters.

Stickley on Security
Published April 23, 2019