RSA, the security division of EMC today announced the findings of its 2013 Fraud Report. As per the report, India emerged as the top nation in APAC region in terms of phishing attack by volume closely followed by Australia and China. Estimated loss in India from phishing attacks stood at $225 million.
Globally, loss due to phishing attack was close to $5.9 billion which is significantly higher than $1.5 billion loss in 2012. The total number of phishing attacks in 2013 stood at 448,126 as against 445,004 the previous year. The overall trend in attack number showed a significant rise in volume through the year, reaching an all-time high in Q4 2013 (1, 41,254).
Key highlights from the report are:
-Brands in the U.S, the U.K, India and Canada were targeted by almost 57% of phishing attacks in the first half of 2013.
-USA and Canada remained the most targeted countries by phishing attacks in 2013 with a total of 63% of the phishing attacks directed at them.
-There has been a significant rise in phishing attacks in every Quarter in 2013, with Q4 seeing the most number of attacks.
Top countries targeted by phishing are United States, United Kingdom, Germany, India, South Africa, Canada, Netherlands, Colombia, Australia and Brazil.
2014 PHISHING FORECAST
Phishing, the cybercrime equivalent of pickpocketing, is a crime that is easily committed with very little cost to the attacker: cheap (criminal) hosting services—offered mostly on top of hijacked websites—are abundantly available. If spamming 500,000 emails addresses only set you back a mere $65, it is no surprise that phishing attack volumes are not dropping.
-Phishing volumes will not drop considerably, though we may see a slight decline. The decline will be mainly due to growing adoption of email authentication, namely DMARC, which together with tighter policy should help in the reduction of phishing emails received by end users. However, wider global adoption (into LATAM and APJ) still plays a major factor in the battle against phishing.
-Big data analytics and broader intelligence collection will lead to faster detection and quicker mitigation, resulting in lower financial losses. With the millions of spam messages traversing the internet on a daily basis, separating the wheat from the chaff has become far more challenging. Advancements in phishing techniques and methods also serve to add a layer of complexity when it comes to detection. Deploying analytics into the detection process provides a way to see though the noise and get to the phish faster. Coupled with broader intelligence collection, attacks may be prevented before they are launched.
-Greater end user awareness will serve to reduce losses. Cyber awareness has become a mainstream conversation topic—people are becoming more aware of the dangers in the digital world. More awareness translates directly into fewer losses.