Story image

Webroot sheds light on the short, sharp lifecycle of phishing websites

12 Dec 16

Phishing websites have shorter lifecycles than ever before, but their numbers becoming much more prevalent - and Google, Paypal, Yahoo and Apple are the main targets, according to new Quarterly Web Update findings from Webroot.

84% of phishing sites exist for less than 24 hours, and the average life cycle is less than 15 hours, the company found. However, an average of more than 400,000 phishing sites are cropping up each month, and most of those are hidden within unused domains.

Phishing sites are becoming much more cunning, playing on sophisticated techniques to get information from people and companies.

Webroot CTO Hal Lonas says phishing sites can even exist for as few as 15 minutes.

“In years past, these sites could endure for several weeks or months, giving organisations plenty of time to block the method of attack and prevent more victims from falling prey. Now, phishing sites appear and disappear in the span of a coffee break, leaving every organisation, no matter its size, at an immediate and serious risk from phishing attacks," Lonas says.

Webroot also found that old techniques that used static or crowdsourced blacklists of bad domains and URLs must now be abandoned. Additionally, all URLs must be checked each time they are requested because it takes only seconds for a genuine website to be compromised.

Google is also the most targeted 'high risk' organisation, with 21% of all phishing sites impersonating the company between January and September this year. Paypal, Yahoo and Apple were close behind.

Webroot says that cloud-based machine learning is the only way to prevent malware, ransomware, phishing and other cyber threats. These are able to keep not only keep up with the scale of attacks, but also attack methods, such as polymorphic behaviours.

The company says cloud-based machine learning also shows how millions of objects, including good and bad objects, communicate online.

"When it comes to finding the richest and most highly differentiated source of input for cloud-based machine learning driven security, nothing beats real-world endpoint and web sensor data. Organisations that incorporate real-world data from millions of endpoint sensors are better positioned to identify never-before-seen and zero-day threats the moment they emerge, anywhere in the world," Webroot concludes.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.