As we get further into 2019, it’s time to look back on 2018, and some of the data breaches and phishing attacks that received some attention. First, no matter the scale of a phishing attack, if it happened to you personally, I’m sure you took notice. That said there were some large data breaches in 2018 that made the news.
First, some numbers to consider…
According to the Identity Theft Resource Center (ITRC), hacking, which represents phishing, ransomware/malware, and skimming, accounted for nearly 60 percent of all data breaches in 2018. What’s perhaps more alarming is that these attack vectors continue to grow steadily year over year. Further, while the number of attacks decreased slightly from 2017 to 2018, the number of exposed records compromised in the attacks more than doubled.
The ITRC data suggest that hacking, with phishing being the predominant attack vector in the category, is on the rise. Furthermore, the severity of the data breaches and phishing attacks seem to be getting more severe as the number of records compromised is on the rise.
This data is supported by a Microsoft’s Security Intelligence Report, which revealed a large jump in phishing attacks. In fact, according to the report, phishing attacks have increased 250 percent in 2018. What might be even scarier than that is that Microsoft see’s nearly .55 percent of all inbound emails are phishing in nature. That might seem like a low number until you start thinking about the total number of inbound emails you and your organization receive on a daily basis.
According to Business Insider, here were the top data breaches of 2018 ranked by the number of people affected:
- Aadhar – 1.1 billion
- Marriott Starwood Hotels – 500 million
- Exactis – 340 million
- MyFitnessPal – 150 million
- Quora – 100 million
- MyHeritage – 92 million
- Cambridge Analytica – 87 million
- Google+ – 52.5 million
- Chegg – 40 million
- Facebook – 29 million
While not all these data breaches started with a phishing attack, the 2018 Verizon Data Breach Investigations Report concludes that phishing is represented in 93 percent of breaches. That high percentage would indicate that protecting yourself and your organization from phishing schemes needs to be a network security priority.
We’ve noticed that threat actors are using an ever-expanding variety of tricks to produce more legitimate looking phishing sites and to disguise malicious files and file extensions to evade detection. These tactics often trick users into downloading or executing file-based malware or installing rogue HTML-based browser extensions that evade detection by endpoint anti-virus and sandbox-based protections.
Social engineering and phishing attacks aimed at credential stealing is also something we saw plenty of and remains a significant threat to network security. Often, a fake login page is a near identical copy of a legitimate login page, causing even tech-savvy users to give up their credentials. Many of these rogue sites are often unknown (zero-hour) and unblocked by existing URL filtration and blocking defenses.
For more detail on phishing attacks, be sure to get our Quarterly Threat Intelligence Report, which highlights some of the threats and trends detected by our platform and analyzed by our security research team. Every day our system analyzes billions of data points across millions of sites and thousands of customer endpoints. It detects malicious phishing sites as well as the presence of malware and post-infection callbacks to Command and Control (C&C) servers. The report provides insights and actionable intelligence to help readers better understand and manage protections against the changing threat landscape.
With 2018 in the rear-view mirror, it will be interesting to see how these trends play into 2019. Stay tuned for updates at our blog.