Sony Pixel Power calrec Sony

Akamai Threat Research: Phishing and Credential Stuffing Attacks Remain Top Threat to Financial Services Organizations and Customers

01/08/2019

Akamai Threat Research: Phishing and Credential Stuffing Attacks Remain Top Threat to Financial Services Organizations and Customers Latest State of The Internet / Security Report Observes 3.5 Billion Malicious Login Attempts Targeting the Financial Services Sector; Illustrates Akamai's Unique Threat Visibility

Cambridge, MA | July 31, 2019

Newly released data from Akamai's 2019 State of the Internet / Security Financial Services Attack Economy Report has found that 50% of all unique organizations impacted by observed phishing domains were from the financial services sector. The data shows that, in addition to unique phishing attempts, adversaries also leveraged credential stuffing attacks to the tune of 3.5 billion attempts during an 18-month period, putting the personal data and banking information of financial services customers at risk.

The report indicates that between December 2, 2018 and May 4, 2019, nearly 200,000 (197,524 to be exact) phishing domains were discovered, and of those domains, 66% targeted consumers directly. When taking the phishing domains targeting consumers only into consideration, 50% of those targeted companies in the financial services industry.

We've seen a steady rise in credential stuffing attacks over the past year, fed in part by a growth in phishing attacks against consumers, said Martin McKeay, Security Researcher at Akamai and Editorial Director of the State of the Internet / Security Report. Criminals supplement existing stolen credential data through phishing, and then one way they make money is by hijacking accounts or reselling the lists they create. We're seeing a whole economy developing to target financial services organizations and their consumers.

Once criminals have succeeded in their schemes, they need to process their ill-gotten data and funds. As Akamais report highlights, one method of dealing with this situation centers on bank drops' - packages of data that can be used to fraudulently open accounts at a given financial institution. Bank drops will typically include a persons stolen identity - often called fullz by criminals online, including name, address, date of birth, Social Security details, drivers license information, and credit score. Secure access to the fraudulent accounts comes via remote desktop servers, which are matched to the geographic location of the bank and the fullz.

Financial institutions continue to investigate the ways in which criminals are opening these drop accounts, and are working diligently to stay ahead of the curve. What most businesses don't realize, however, is that criminals are recycling old attack methods.

Akamai's findings revealed that 94% of observed attacks against the financial services sector came from one of four methods: SQL Injection (SQLi), Local File Inclusion (LFI), Cross-Site Scripting (XSS), and OGNL Java Injection (which accounted for more than 8 million attempts during this reporting period). OGNL Java Injection, made famous due to the Apache Struts vulnerability, continues to be used by attackers years after patches have been issued.

In the financial services industry, criminals have also started launching DDoS attacks as a distraction to conduct credential stuffing attacks or to exploit a web-based vulnerability. Over the course of 18 months, Akamai uncovered more than 800 DDoS attacks against the financial services industry alone.

Attackers are targeting financial services organizations at their weak points: the consumer, web applications and availability, because that's what works, said McKeay. Businesses are becoming better at detecting and defending against these attacks, but point defenses are bound to fail. It requires being able to detect, analyze, and defend against an intelligent criminal who's using multiple different types of tools for a business to protect its customers. For more than twenty years, Akamai has been leveraging its unique visibility into the full spectrum of attacks to help protect customers from these types of ever-evolving nefarious activities.

The criminal economy thrives, in part, because they target the financial services industry. By targeting banks for example, criminals attempt to steal sensitive data, and then turn around and use that same data to open fake accounts and lines of credit. Its a continuous cycle of crime. There is a deep level of irony in the fact that criminals are targeting the very industry they need to survive. While financial institutions are becoming better at detecting these attacks, adversaries continue to find success with old tricks, and that's a problem.

The Akamai 2019 State of the Internet / Security Report is available for download here. For additional information where the security community can access, engage with, and learn from Akamai's threat researchers and the insight that the Akamai Intelligent Edge Platform affords into the evolving threat landscape, visit Akamai's Threat Research Hub.

About Akamai Akamai secures and delivers digital experiences for the world's largest companies. Akamai's intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone - and attacks and threats far away. Akamai's portfolio of edge security, web and mobile performance, enterprise access and video delivery solutions is supported by unmatched customer service, analytics and 24/7/365 monitoring. To learn why the world's top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global co
LINK: https://www.akamai.com/uk/en/about/news/press/2019-press/state-of-the-...
See more stories from akami

Most recent headlines

05/01/2027

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be demoed at CES 2026

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...

01/06/2026

Dolby Sets the New Standard for Premium Entertainment at CES 2026

January 6 2026, 05:30 (PST) Dolby Sets the New Standard for Premium Entertainment at CES 2026 Throughout the week, Dolby brings to life the latest innovatio...

02/05/2026

Dalet Flex LTS Delivers Smarter Search, Faster Editing, and an AI-Ready Foundation for Modern Media

Dalet, a leading technology and service provider for media-rich organizations, t...

01/05/2026

NBCUniversal's Peacock to Be First Streamer to Integrate Dolby's Full Suite of Premium Picture and Sound Innovations

January 5 2026, 18:30 (PST) NBCUniversal's Peacock to Be First Streamer to ...

01/04/2026

DOLBY AND DOUYIN EMPOWER THE NEXT GENERATON OF CREATORS WITH DOLBY VISION

January 4 2026, 18:00 (PST) DOLBY AND DOUYIN EMPOWER THE NEXT GENERATON OF CREATORS WITH DOLBY VISION Douyin Users Can Now Create And Share Videos With Stun...

12/03/2026

Milano Cortina 2026: Yospace helps ad-funded rights-holders claim advertising gold

Staines-upon-Thames, UK, 11th March, 2026 - Yospace, the trusted leader in Dyna...

12/03/2026

Utah Scientific Expands Technology Partner Program With Integrations From Audinate, Bitfocus, and Skaarhoj

Utah Scientific Expands Technology Partner Program With Integrations From Audina...

12/03/2026

Techex Hires Matt McKee as Senior Director, Sales, Americas

Techex, a global expert in live video solutions over IP and cloud, announces the appointment of Matt McKee as Senior Director, Sales, Americas, further strength...

12/03/2026

KOKUSAI DENKI Electric America Welcomes Mondae Hott as Regional Sales Manager, Northeast

KOKUSAI DENKI Electric America has appointed Mondae Hott as Regional Sales Manag...

12/03/2026

Interra Systems Focuses on Streaming-First QC, Monitoring, and Responsible AI Workflows at 2026 NAB Show

At the 2026 NAB Show, Interra Systems will showcase its latest advancements in a...

12/03/2026

15th National Games of China Features Expansive Unified Broadcast Network

The 15th National Games of China concluded after a two-week celebration of athletic excellence and regional collaboration. Held from Nov. 9-21 across Guangdong,...

12/03/2026

SVG in Indy: Butler University Students Get Live-Sports Experience via On-Campus Studio, Production Truck

Live-production academic program Butler Sports Live produced a total of 40 fall-...

12/03/2026

Lawo Delivers Fully IPBased Video Infrastructure for University of Nebraska's HuskerVision

The University of Nebraska's HuskerVision has completed the second phase of ...

12/03/2026

University of Illinois Upgrades Game-Day Production with New Hybrid IP Control Room

Grass Valley and integration partner Tab M Solutions have completed Phase 1 of a...

12/03/2026

CBS Sports Turns to University of Cincinnati's Control Room and Staff for Two Big 12 Men's Basketball Broadcasts

The broadcaster expands its campus-production model as the university handles tw...

12/03/2026

Disney+ to Stream Men's and Women's NCAA March Madness Across Europe, South Africa

Disney has announced the addition of March Madness - the NCAA Division I Men...

12/03/2026

Apple TV Further Integrating iPhones into Friday Night Baseball' Camera Lineup This Season

Apple TV's Friday Night Baseball MLB doubleheader series returns for its f...

12/03/2026

SVG Students To Watch: Jack Rinaldi, University of Notre Dame

The senior from New Jersey is making his mark in South Bend, both on the mic and behind it...

12/03/2026

Ross Video's Kevin Dresser on Powering Graphics for Major Sporting Events Throughout a Busy February

After a relatively quiet January, the month of February was jammed packed with l...

12/03/2026

X Games Launches New Era With First League Draft at Cosm L.A.

Long-time production partner Echo Entertainment is producing the broadcast, while Cosm played a vital role in the collaboration...

12/03/2026

Film Festival Watch: 24 Sundance Institute-Supported Films to Catch at the SXSW Film Festival

By Jessica Herndon We love kicking off each year by introducing the world to po...

12/03/2026

Didn't Die Brings Improv to the Zombie Apocalypse

Samrat Chakrabarti, George Basil, Kiran Deol, Katie McCuen and Vishal Vijayakumar attend the 2025 Sundance Film Festival premiere of Didn't Die at the Lib...

12/03/2026

Mon Laferte Leads All-Women Spotify Session as EQUAL Celebrations Kick Off in Latin America

In Latin America, women are shaping music and defining its future. To kick off t...

12/03/2026

Mon Laferte lidera la edicin EQUAL de Spotify Sessions, mientras comienzan las celebraciones de EQUAL en Latinoamrica

En Am rica Latina, las mujeres est n moldeando la m sica y definiendo su futuro....

12/03/2026

As Spotify Turns 20, the Most Global and Diverse Music Industry in History Has Taken Shape

Let's turn back the clock 20 years: The music landscape was a world away fro...

12/03/2026

Bad Bunny Brings the Sounds of Puerto Rico to Tokyo for Spotify's Billions Club Live

Bad Bunny is no stranger to Spotify's Billions Club. In fact, he has a whopp...

12/03/2026

At the London Book Fair, Spotify Shares Our Vision for the Future of Reading

Spotify was at the London Book Fair this week, joining conversations across the publishing industry about how people can make reading part of their daily lives....

12/03/2026

Ohlhorst Digital & Tokyo Dawn Labs launch Ancora

Mastering tool improves mono compatibility Tokyo Dawn Labs' Ohlhorst Digital range is a series of mastering-focused plug-ins developed by Jan Ohlhorst, ...

12/03/2026

Lewitt partner with Elgato

Wave FX processor integrated into four products Lewitt have teamed up with Elgato to create a new processor for the company's Wave Next product range, i...

12/03/2026

Mix Notes iOS App by David Thomas

Free tool for annotating audio files Mix Notes is a new, free iOS App that provides users with a simple way to annotate their audio files. It's been cre...

12/03/2026

Duck 2 from Devious Machines

Side-chain ducking tool gets an upgrade Devious Machines' popular side-chaining and envelope-shaping tool has just been kitted out with an improved enve...

12/03/2026

MPG Awards 2026: Shortlist announced

Ceremony to take place on 16 April 2026 The MPG (Music Producers Guild) have revealed the full shortlist for this year's MPG Awards, which will be takin...

12/03/2026

Overloud introduce Gem Comp160

Emulates three classic dbx 160 variants The latest arrival to Overloud's Gem Series plug-in range faithfully recreates not one, but three versions of th...

12/03/2026

Grainferno from Baby Audio

New granular soft synth announced Said to be their most advanced software synthesizer to date, Baby Audio's latest release has been built on a new granu...

12/03/2026

Bitwig Studio 6 launches

Latest version now live! Edit 11 March 2026 - Bitwig Studio 6 is now live, and available for all to download! The latest version of Bitwig's DAW softwa...

12/03/2026

Stereo Miking: The Sound On Sound Guide

Latest free eBook now available! Designed for recording engineers, audio-technology students and technically minded musicians, our latest free eBook deliver...

12/03/2026

AFL and NITV partner to launch new First Nations led program Inside the Huddle'

AFL and NITV partner to launch new First Nations led program Inside the Huddle&...

12/03/2026

Rohde & Schwarz Cybersecurity expands SITLine network encryptor portfolio - more bandwidth, higher port density, future-proof architecture

Rohde & Schwarz Cybersecurity expands SITLine network encryptor portfolio - more...

12/03/2026

Rohde & Schwarz to showcase future-proof EMC testing solutions at EMV 2026

Rohde & Schwarz to showcase future-proof EMC testing solutions at EMV 2026 Rohde & Schwarz will participate in EMV 2026, Europe's premier trade fair and c...

12/03/2026

19TH ANNUAL SOUTH AFRICAN FILM AND TELEVISION AWARDS (SAFTAs19) ANNOUNCES THE HOSTS FOR CRAFT AND MAIN SHOW

Johannesburg, 11 March 2026 - The 19th Annual South African Film and Television ...

12/03/2026

L3Harris and Shield AI Achieve Breakthrough in Autonomous Electronic Warfare

MELBOURNE, Fla., March 11, 2026 - L3Harris Technologies (NYSE: LHX) and Shield AI have successfully demonstrated a first-of-its-kind integration combining L3Har...

12/03/2026

L3Harris Delivering AI-Enabled CJADC2

The incorporation of Artificial Intelligence and Machine Learning into modern, converged all-domain systems is enabling true Joint Electromagnetic Spectrum Oper...

12/03/2026

L3Harris Appoints Sam Mehta President, Space & Mission Systems and Communications & Spectrum Dominance Segments

MELBOURNE, Fla., March 12, 2026 - L3Harris Technologies (NYSE: LHX) today announ...

12/03/2026

Blue Lucy's 6 Key Tenets

Modern media operations demand a platform that unites automation, orchestration, and human oversight without compromise. In this post, we explore the six key te...

12/03/2026

Blue Lucy Technology

A deep dive into the platform Architecture The Blue Lucy platform follows a distributed microservices architecture, meaning the overall operational capability...

12/03/2026

Blue Lucy Brings Order to the AI Wild West at NAB 2026

Orchestration platform enables broadcasters to deploy multiple AI models safely with full auditability, rights protection, and regulatory oversight. LONDON, En...

12/03/2026

Australia's financial sector ad spend surged by 20% in 2025 according to Nielsen

Cost pressures, switching intent and demand for savings and credit products are ...

12/03/2026

Nielsen Launches 2026 Upfront Planning Series With New Data To Help Marketers and Agencies Unlock Growth, Innovation Opportunities

For the first time, Nielsen breaks out demographic information about FAST and AV...

12/03/2026

Disney+ Goes Vertical with Verts

Share Copy link Facebook X Linkedin Bluesky Email...

12/03/2026

LTN and Appear Collaborate to Enable Scalable IP-Native L...

Appear's high-performance, ultra-low latency encoding platform augments LTN's fully managed global IP network and orchestration platform LTN, a leader ...