Akamai Threat Research: Phishing and Credential Stuffing Attacks Remain Top Threat to Financial Services Organizations and Customers
01/08/2019
Cambridge, MA | July 31, 2019
Newly released data from Akamai's 2019 State of the Internet / Security Financial Services Attack Economy Report has found that 50% of all unique organizations impacted by observed phishing domains were from the financial services sector. The data shows that, in addition to unique phishing attempts, adversaries also leveraged credential stuffing attacks to the tune of 3.5 billion attempts during an 18-month period, putting the personal data and banking information of financial services customers at risk.
The report indicates that between December 2, 2018 and May 4, 2019, nearly 200,000 (197,524 to be exact) phishing domains were discovered, and of those domains, 66% targeted consumers directly. When taking the phishing domains targeting consumers only into consideration, 50% of those targeted companies in the financial services industry.
We've seen a steady rise in credential stuffing attacks over the past year, fed in part by a growth in phishing attacks against consumers, said Martin McKeay, Security Researcher at Akamai and Editorial Director of the State of the Internet / Security Report. Criminals supplement existing stolen credential data through phishing, and then one way they make money is by hijacking accounts or reselling the lists they create. We're seeing a whole economy developing to target financial services organizations and their consumers.
Once criminals have succeeded in their schemes, they need to process their ill-gotten data and funds. As Akamais report highlights, one method of dealing with this situation centers on bank drops' - packages of data that can be used to fraudulently open accounts at a given financial institution. Bank drops will typically include a persons stolen identity - often called fullz by criminals online, including name, address, date of birth, Social Security details, drivers license information, and credit score. Secure access to the fraudulent accounts comes via remote desktop servers, which are matched to the geographic location of the bank and the fullz.
Financial institutions continue to investigate the ways in which criminals are opening these drop accounts, and are working diligently to stay ahead of the curve. What most businesses don't realize, however, is that criminals are recycling old attack methods.
Akamai's findings revealed that 94% of observed attacks against the financial services sector came from one of four methods: SQL Injection (SQLi), Local File Inclusion (LFI), Cross-Site Scripting (XSS), and OGNL Java Injection (which accounted for more than 8 million attempts during this reporting period). OGNL Java Injection, made famous due to the Apache Struts vulnerability, continues to be used by attackers years after patches have been issued.
In the financial services industry, criminals have also started launching DDoS attacks as a distraction to conduct credential stuffing attacks or to exploit a web-based vulnerability. Over the course of 18 months, Akamai uncovered more than 800 DDoS attacks against the financial services industry alone.
Attackers are targeting financial services organizations at their weak points: the consumer, web applications and availability, because that's what works, said McKeay. Businesses are becoming better at detecting and defending against these attacks, but point defenses are bound to fail. It requires being able to detect, analyze, and defend against an intelligent criminal who's using multiple different types of tools for a business to protect its customers. For more than twenty years, Akamai has been leveraging its unique visibility into the full spectrum of attacks to help protect customers from these types of ever-evolving nefarious activities.
The criminal economy thrives, in part, because they target the financial services industry. By targeting banks for example, criminals attempt to steal sensitive data, and then turn around and use that same data to open fake accounts and lines of credit. Its a continuous cycle of crime. There is a deep level of irony in the fact that criminals are targeting the very industry they need to survive. While financial institutions are becoming better at detecting these attacks, adversaries continue to find success with old tricks, and that's a problem.
The Akamai 2019 State of the Internet / Security Report is available for download here. For additional information where the security community can access, engage with, and learn from Akamai's threat researchers and the insight that the Akamai Intelligent Edge Platform affords into the evolving threat landscape, visit Akamai's Threat Research Hub.
About Akamai Akamai secures and delivers digital experiences for the world's largest companies. Akamai's intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone - and attacks and threats far away. Akamai's portfolio of edge security, web and mobile performance, enterprise access and video delivery solutions is supported by unmatched customer service, analytics and 24/7/365 monitoring. To learn why the world's top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global co
LINK: | https://www.akamai.com/uk/en/about/news/press/2019-press/state-of-the-... |
See more stories from akami |
Most recent headlines
09/12/2024
Dalet Named an IDC Innovator in Media and Entertainment
Dalet, a leading technology and service provider for media-rich organizations, today announced that it has been named an IDC Innovator in the IDC Innovators: ...
09/11/2024
Dalet Expands Leadership Team to Fuel Next Stage of Growth
Dalet, a leading technology and service provider for media-rich organizations, today announced three new members of its executive team. Tara Bryant joins as Chi...
18/09/2024
Line up revealed for World's Most Dangerous Roads S6
Johnny Vegas & Lucy Beaumont and Babatunde Al sh & Kae Kurd arethecomedians taking part in brand new episodes of World's Most Dangerous Roads, which return...
18/09/2024
TV channel Gold's Absolutely Fabulous: Inside Out is joined by celebrities Emma Bunton, Meera Syal, Ruby Wax and more
The nation's favourite comedy channel, Gold, is set to take a reflective loo...
18/09/2024
Press Release: ToolsOnAir Wins 2024 OEM & Developer Award from Blackmagic Design at IBC
Press Release: ToolsOnAir Wins 2024 OEM & Developer Award from Blackmagic Design...
18/09/2024
A Different Man Is a Triumph That Lingers Long After Credits Role
Warning: This feature contains spoilers about the film. By Bailey Pennick Aaron Schimberg kept it brief in his introduction before A Different Man had its wor...
18/09/2024
Mi Primer Escenario' ofrece a los artistas emergentes en Mxico la oportunidad de tomar el escenario en MEXCLA Spotify
Apoyar a los artistas emergentes es parte fundamental del ADN de Spotify. Ahora ...
18/09/2024
Mi Primer Escenario' Offers Emerging Mexican Artists a Chance To Perform at MEXCLA Spotify'
Supporting emerging artists is a fundamental part of Spotify's DNA, and we...
18/09/2024
Karmic lessons and laughs with new SBS podcast Comedy Karma'
Karmic lessons and laughs with new SBS podcast Comedy Karma' 18 September, 2024 Media releases Join the ever-curious stand-up comedian Aditya Gautam a...
18/09/2024
Clear-Com Supports the Next Generation of Media Professionals at Rise Academy Summer...
eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({...
18/09/2024
Nielsen launches Advanced Audiences, enhancing digital campaign precision, reach and effectiveness across Australia and New Zealand
Sydney, September 18, 2024 - Nielsen today announced the launch of Advanced Audi...
18/09/2024
Heartland Video Systems Welcomes Industry Veteran Dan Whe...
Heartland Video Systems (HVS), a premier video systems integration and consulting firm, is proud to announce the appointment of Dan Whealy as Director of Busine...
18/09/2024
Clear-Com Supports the Next Generation of Media Professio...
Clear-Com is proud to have participated in the Rise Academy Summer School 2024, a transformative experience aimed at introducing young people to the dynamic wor...
18/09/2024
Amplify Berklee Honors the Legacy and Celebrates the Future of Berklee City Music
Amplify Berklee Honors the Legacy and Celebrates the Future of Berklee City Musi...
18/09/2024
Riedel Expands Its Range of NSA Network Stream Adapters
Riedel Communications today announced the launch of two new additions to its acclaimed Network Stream Adapter (NSA) series: the NSA-003A and NSA-006A. Unveiled ...
18/09/2024
WDR Relies on Riedel Backbone for Remote Production of UE...
The German regional public broadcaster Westdeutscher Rundfunk (WDR) has implemented a Riedel backbone for communications and signal distribution for the ARD bro...
18/09/2024
Amagi Expands Footprint in Latin America with Mexico Entr...
Amagi, the global leader in cloud-based SaaS technology for broadcast and connected TV (CTV), today announced that it is entering the Mexican market. This strat...
18/09/2024
ITV to Modernize Its Media Supply Chain With Cloud-Native...
SDVI, the leading platform provider for cloud-native media supply chains, today announced that U.K. broadcaster ITV is deploying the SDVI Rally platform as part...
18/09/2024
Triveni Digital SCTE TechExpo24 Exhibitor Preview
ATSC 3.0 is gaining momentum across the U.S., and for cable operators, ensuring top-notch service quality is more important than ever. Monitoring the performanc...
18/09/2024
Amagi and BuyDRM Partner to Secure Streaming Video on Pla...
Amagi, the global leader in cloud-based SaaS technology for broadcast and connected TV (CTV), today announced a partnership with BuyDRM, a leading content secur...
18/09/2024
Charter Bumps Up Broadband Speeds, Unveils New Bundle Pricing
STAMFORD, Conn. Spectrum has made a series of announcements that include a new simplified pricing strategy, increased broadband speeds and new customer service ...
18/09/2024
Lawo Doubles the Number of HOME Apps
Lawo has announced that its HOME Apps platform now hosts nine essential processing apps, effectively doubling the previous offering with more apps to follow in ...
18/09/2024
Gray, New Orleans Pelicans Announce New Sports Network
Gray Media is partnering with the New Orleans Pelicans to create a new network that promises to bring every non-national Pelicans NBA game to its viewers....
18/09/2024
Fox Weather Expands Distribution to DirecTV
NEW YORK Fox News Media has announced that Fox Weather, a free ad-supported streaming television service (FAST), is now available to DirecTV customers....
18/09/2024
NAB Show New York Exhibitor Insight TAG Video Systems
TV TECH: What do you anticipate will be the most significant technology trends at the 2024 NAB Show New York?...
18/09/2024
Key Conversations With News, Sports Panels on Tap at NAB Show New York
Broadcast, media and entertainment leaders will gather once again at NAB Show New York in October to explore key innovations and strategies reshaping how conten...
18/09/2024
SCTE Foundation Rebrands
EXTON, Pa. The SCTE Foundation has announced a comprehensive relaunch of its efforts. The relaunch includes new branding that will be on display at the Georgia ...
18/09/2024
Viant Technology Launches New Programmatic Ad Solution, ViantAI
IRVINE, Calif. Viant Technology Inc. has launched ViantAI, an advanced AI-powered platform that it says will reshape how programmatic advertising is planned, pu...
18/09/2024
Blackmagic Design Announces Pricing for Blackmagic URSA Cine 17K 65
Blackmagic Design Announces Pricing for Blackmagic URSA Cine 17K 65 Brie Clayton September 17, 2024 0 Comments Revolutionary large format digital film...
18/09/2024
Avid | Stream IO ingest & playout solution now supports SMPTE 2110
Avid | Stream IO ingest & playout solution now supports SMPTE 2110 Brie Clayton September 17, 2024 0 Comments Avid's next-gen software-based produ...
18/09/2024
Telemundo's Celebrando Todo Lo Que Somos' Marks Hispanic Heritage Month
NBCUniversal's Telemundo Enterprises is marking Hispanic Heritage Month with year four of its multiplatform initiative with the slogan Celebrando Todo Lo Q...
18/09/2024
Hispano Soy' Marks Hispanic Heritage Month on Warner Bros. Discovery U.S. Hispanic Nets
To celebrate Hispanic Heritage Month, Warner Bros. Discovery U.S. Hispanic is la...
18/09/2024
MeTV Toons Plans Spooky Sundays in October
As Halloween approaches, MeTV Toons will feature frightful Sunday programming. On October 13, it's a scary Flintstones block 1-3 p.m., then Scooby-Doo! 3-5 ...
18/09/2024
TMZ Investigates Matthew Perry and His Death in Sept. 16 Special on Fox
TMZ takes a close look at actor Matthew Perry and the drug network that led to his death when TMZ Investigates: Matthew Perry & the Secret Celebrity Drug Ring a...
18/09/2024
Olympics Boost Broadcast, Peacock Viewing in August
The Paris Summer Olympics gave a boost to broadcast and popped on Peacock in August, according to Nielsen....
18/09/2024
Gray Forms Gulf Coast Network To Broadcast Pelicans NBA Games
Gray Media is forming a new venture called Gulf Coast Sports & Entertainment Network that will carry all of the locally televised games of the NBA's New Orl...
18/09/2024
LG Study: Asian-American Viewers Prefer Streaming Ads
LG Ad Solutions shared a new report The Inclusive Screen: Asian Americans, which found that 70% of Asian Americans feel that streaming TV ads are more relevant...
18/09/2024
VideoAmp Says It Serves as Currency in $1 Billion of Media Deals
Measurement company VideoAmp said that $1 billion in media buys have already been guaranteed using its measurement as a currency this year....
18/09/2024
Kenny Smith Will Host Season 3 of Harlem Globetrotters: Play It Forward'
Kenny Smith, former NBA star and current TNT Sports analyst, will be the host of Harlem Globetrotters: Play It Forward for Season 3, which premieres Saturday, O...
18/09/2024
ESPN's Jimmy Pitaro Reflects on ESPN Turning 45, Launch of a New App in 2025, and the Role of AI, RSNs
ESPN's Jimmy Pitaro Reflects on ESPN Turning 45, Launch of a New App in 2025...
18/09/2024
Chicago Sports Network Agrees to OTA-TV Deal With Millennial Telecommunications' WJYS-TV
Chicago Sports Network Agrees to OTA-TV Deal With Millennial Telecommunications&...
18/09/2024
New Orleans Pelicans Ink OTA-TV Distribution Deal With Gray Media; Raycom Sports To Produce All Games
New Orleans Pelicans Ink OTA-TV Distribution Deal With Gray Media; Raycom Sports...
18/09/2024
Seattle Kraken Officially Launch Kraken Hockey Network, Promise Biggest Regional Production in the NHL'
Seattle Kraken Officially Launch Kraken Hockey Network, Promise Biggest Regiona...
18/09/2024
New Victory+ Free, DTC Streaming Service From Dallas Stars and APMC Goes Live
New Victory Free, DTC Streaming Service From Dallas Stars and APMC Goes Live In addition to all Stars games, Victory will carry Anaheim Ducks games this seaso...
18/09/2024
ESPN Looking to Hire Drone Pilot
ESPN Looking to Hire Drone Pilot By Ken Kerschbaumer Wednesday, September 18, 2024 - 4:30 pm Print This Story | Subscribe Story Highlights Have the ski...
18/09/2024
Only on Netflix! With Stars like Rodrigo Santoro and Rafael Vitti, Four Brazilian Films Are Starting Production From Bahia to Bariloche
Back to All News Only on Netflix! With Stars like Rodrigo Santoro and Rafael Vi...
18/09/2024
Haivision Wins Prestigious IBC Innovation Award for its Live Video Contribution Solutions over Private 5G Networks
Haivision Wins Prestigious IBC Innovation Award for its Live Video Contribution ...
18/09/2024
Eutelsat Group Secures Additional Launches in New Agreement with Mitsubishi Heavy Industries
Photo credit: Mitsubishi Heavy Industries, Ltd Press release - 18 September 20...
18/09/2024
2024-09-18
iPadOS 18 makes the iPad experience more versatile and intelligent than ever, and is available today as a free software update. iPadOS 18 brings incredible new ...
18/09/2024
Telespazio and ABS Partner to Deliver Enhanced Connectivity Services for the Brazilian Air Force System
Telespazio and ABS Partner to Deliver Enhanced Connectivity Services for the Bra...