Phishing attacks are fraudulent email messages or copycat websites that appear legitimate and almost half of all phishing attacks that were registered in 2016 by heuristic detection technologies, were aimed at stealing their victim’s money. This was found according to an analysis of the financial threat landscape conducted by Kaspersky Lab company experts.

This proves to be a significant jump compared to 2015. The amount of financial phishing attacks increased 13 percentage points in 2016 to comprise 47.48% of all registered phishing attacks. (Fortunately, these were attacks blocked by heuristic detection technologies.)

In 2016, Kaspersky Lab’s anti-phishing technologies detected almost 155 million user attempts to visit different kinds of phishing pages and almost half were attempts to visit a financial phishing page.

For example, attacks where the aim was to obtain valuable personal information from users such as their account numbers for banking, credit accounts, social security numbers, and the login and passwords they use to access online banking.

The cybercriminals intended to use this information to steal money from their victims. This is the highest share of financial phishing registered to date.

Banking phishing schemes are the absolute leaders among all types of financial phishing and have always been one of the easiest ways for cybercriminals to earn illegal money because you don’t have to be a skilled programmer, and you don’t have to invest lots of money into supporting infrastructure.. These attacks are using tactics such as using fake online banking information, or other content related to banks, the share of phishing related to payment systems and e-shops

Luckily, most phishing schemes are easy to recognize and avoid, but judging by the statistics, lots of people are still not cautious enough when it comes to dealing with financial data online.

How to Protect Yourself from Phishing:

  • When paying online always check the legitimacy of the website. The connection should be protected with Https, and the domain should belong to the same organization that you’re going to pay.
  • Always check the legitimacy of emails that you’re receiving from famous brands, even if it urges you to do something urgently, like change your password etc. first, make sure that it was sent by a legitimate party contact your bank or payment system representative to find out if the email really has been sent by them to you.
  • Don’t click the links in emails or web-pages if you have doubts about their legitimacy.
  • Use a proven security solution with behaviour-based anti-phishing technologies. This will make it possible to identify even the most recent phishing scams which haven’t yet been added to anti-phishing databases.