Often posing as legitimate organizations, phishing attackers continue to deceive credit union members and bank customers into disclosing their personal information and account credentials, according to a new report.
The Miami-based fraud protection firm Easy Solutions' report, “Know Your Enemy: Understanding Phishing Strategies,” analyzed more than 3,030 phishing attacks on the top 25 U.S. financial institutions that took place from September to December 2015.
The report revealed just how specific phishers are getting in their attacks, as well as common themes.
The Easy Solutions research team grouped phishing sites into three main clusters, based on site creation and registration of site domains. The report also found the average number of potential targets per phishing attack was only 190 individuals.
This indicated a willingness on the phishers' part to essentially “smash and grab,” and set up unique sites likely visited by only a very small number of victims, the firm said. Attackers either sell or use the stolen data to commit fraud, causing irreparable damage to financial institutions and account holders.
Easy Solutions researchers dove deeper into the data by identifying 12 subgroups, which helped the team understand the attackers' strategies, locations and motivations, the firm said.
“These findings are important because they demonstrate that it is possible to effectively characterize a diverse attacker population that is persistently launching attacks against a brand,” Daniel Ingevaldson, chief technology officer for Easy Solutions, said. “When institutions can more effectively characterize their attackers, they can then more successfully combat phishing attacks. Only by studying how these criminals operate can we develop more effective countermeasures, to help financial institutions reduce the rate of successful phishing attempts on their brands.”
According to Easy Solutions, understanding the different strategies used by criminal organizations to conduct phishing attacks is valuable, and has become critical to the development of more effective detection and takedown tools.
The research team grouped phishing sites into the following three main clusters, based on fake website creation techniques and domain registration:
Group 1: Sites neither resemble nor reference the original sites they targeted.
Group 2: Sites are copies of the target sites, with all page content hosted by the attackers themselves.
Group 3: Sites are copies of the target sites with references to most of the original site content. These are the simplest and easiest attacks to deploy.
Easy Solutions said when institutions can more effectively characterize their attackers, they can then more successfully combat phishing attacks – for example, by fine-tuning consumer education campaigns, changing website countermeasures or adjusting risk scoring during phishing campaigns.