APWG Q4 Report: Phishers Target Retail Sites While Crimeware Proliferation Explodes
May 2015 by APWG
The APWG reports in its new Phishing Activity Trends Report that during the 4th quarter of 2014, a record number of crimeware variants were detected, a strategy of overwhelming proliferation of variations designed to defeat antivirus software. Meanwhile, phishers increasingly targeted retail and service sites, hoping to take advantage of the burgeoning numbers of online shoppers.
© Tischenko Irina
During the 4th quarter of 2014 the number of malware variants figure broke a new record, with 23,500,000 malware samples detected—an average of 255,000 new threats each day, according to Trends Report contributor, PandaLabs. This was up 59 percent from 160,000 samples per day in the second quarter of 2014.
Never in the history of computer security has the amount of new malware created been so high, according to Luis Corrons, PandaLabs Technical Director and Trends Report contributing analyst. The great majority of these malware strains are variants of existing malware modified by their creators to evade antivirus software used by Internet consumers. The escalating numbers illustrate the adaptability of the code and the creativity of the malware authors in extending the polymorphic obscuration scheme to such a degree. About one-third of computers worldwide were probably infected with malware of some sort, according to Corrons.
Retail/Service was the most-targeted industry sector in the fourth quarter of 2014, representing 29.37 percent of phishing sites, not a great surprise during the holiday season. Payment Services continued to be popular targets, with 25.13 percent of attacks during the three-month period, according to APWG member Internet Identity. “The final quarter of 2014 also witnessed a raft of email-based phishing attempts against well-established financial institutions, possibly timed to coincide with both the holiday spending increase and heightened consumer fears in the wake of corporate security breaches,” said Carl Leonard, Principal Security Analyst, Websense Security Labs.
The full text of the report is available here: