Sony Pixel Power calrec Sony

Akamai Threat Research: Phishing and Credential Stuffing Attacks Remain Top Threat to Financial Services Organizations and Customers

01/08/2019

Akamai Threat Research: Phishing and Credential Stuffing Attacks Remain Top Threat to Financial Services Organizations and Customers Latest State of The Internet / Security Report Observes 3.5 Billion Malicious Login Attempts Targeting the Financial Services Sector; Illustrates Akamai's Unique Threat Visibility

Cambridge, MA | July 31, 2019

Newly released data from Akamai's 2019 State of the Internet / Security Financial Services Attack Economy Report has found that 50% of all unique organizations impacted by observed phishing domains were from the financial services sector. The data shows that, in addition to unique phishing attempts, adversaries also leveraged credential stuffing attacks to the tune of 3.5 billion attempts during an 18-month period, putting the personal data and banking information of financial services customers at risk.

The report indicates that between December 2, 2018 and May 4, 2019, nearly 200,000 (197,524 to be exact) phishing domains were discovered, and of those domains, 66% targeted consumers directly. When taking the phishing domains targeting consumers only into consideration, 50% of those targeted companies in the financial services industry.

We've seen a steady rise in credential stuffing attacks over the past year, fed in part by a growth in phishing attacks against consumers, said Martin McKeay, Security Researcher at Akamai and Editorial Director of the State of the Internet / Security Report. Criminals supplement existing stolen credential data through phishing, and then one way they make money is by hijacking accounts or reselling the lists they create. We're seeing a whole economy developing to target financial services organizations and their consumers.

Once criminals have succeeded in their schemes, they need to process their ill-gotten data and funds. As Akamais report highlights, one method of dealing with this situation centers on bank drops' - packages of data that can be used to fraudulently open accounts at a given financial institution. Bank drops will typically include a persons stolen identity - often called fullz by criminals online, including name, address, date of birth, Social Security details, drivers license information, and credit score. Secure access to the fraudulent accounts comes via remote desktop servers, which are matched to the geographic location of the bank and the fullz.

Financial institutions continue to investigate the ways in which criminals are opening these drop accounts, and are working diligently to stay ahead of the curve. What most businesses don't realize, however, is that criminals are recycling old attack methods.

Akamai's findings revealed that 94% of observed attacks against the financial services sector came from one of four methods: SQL Injection (SQLi), Local File Inclusion (LFI), Cross-Site Scripting (XSS), and OGNL Java Injection (which accounted for more than 8 million attempts during this reporting period). OGNL Java Injection, made famous due to the Apache Struts vulnerability, continues to be used by attackers years after patches have been issued.

In the financial services industry, criminals have also started launching DDoS attacks as a distraction to conduct credential stuffing attacks or to exploit a web-based vulnerability. Over the course of 18 months, Akamai uncovered more than 800 DDoS attacks against the financial services industry alone.

Attackers are targeting financial services organizations at their weak points: the consumer, web applications and availability, because that's what works, said McKeay. Businesses are becoming better at detecting and defending against these attacks, but point defenses are bound to fail. It requires being able to detect, analyze, and defend against an intelligent criminal who's using multiple different types of tools for a business to protect its customers. For more than twenty years, Akamai has been leveraging its unique visibility into the full spectrum of attacks to help protect customers from these types of ever-evolving nefarious activities.

The criminal economy thrives, in part, because they target the financial services industry. By targeting banks for example, criminals attempt to steal sensitive data, and then turn around and use that same data to open fake accounts and lines of credit. Its a continuous cycle of crime. There is a deep level of irony in the fact that criminals are targeting the very industry they need to survive. While financial institutions are becoming better at detecting these attacks, adversaries continue to find success with old tricks, and that's a problem.

The Akamai 2019 State of the Internet / Security Report is available for download here. For additional information where the security community can access, engage with, and learn from Akamai's threat researchers and the insight that the Akamai Intelligent Edge Platform affords into the evolving threat landscape, visit Akamai's Threat Research Hub.

About Akamai Akamai secures and delivers digital experiences for the world's largest companies. Akamai's intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone - and attacks and threats far away. Akamai's portfolio of edge security, web and mobile performance, enterprise access and video delivery solutions is supported by unmatched customer service, analytics and 24/7/365 monitoring. To learn why the world's top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global co
LINK: https://www.akamai.com/uk/en/about/news/press/2019-press/state-of-the-...
See more stories from akami

Most recent headlines

05/01/2027

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be demoed at CES 2026

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...

06/09/2026

Dolby and MagentaTV Bring Fans Closer to the FIFA World Cup 2026 in Germany with Dolby Vision and Dolby Atmos

June 9 2026, 23:00 (PDT) Dolby and MagentaTV Bring Fans Closer to the FIFA Worl...

04/08/2026

Dalet Announces Commercial Availability of Dalia, Bringing Media-Aware Agentic AI to Enterprise Productions

Dalet, a leading technology and service provider for media-rich organizations, t...

09/07/2026

Omaha Productions Goes All-In as World Series of Poker Main Event Returns to ESPN

With 50+ cameras, three trucks, 60+ EVS channels, RFID hole-card workflows, and ...

09/07/2026

SVG Students To Watch: Dana Shearer, Syracuse University

A recent graduate from Westchester, NY, this experienced technician has already started her first gig in the industry, as a REMI A2 Comms Specialist at ESPN In...

09/07/2026

SVG New Sponsor Spotlight: Lightcasts Andreas Kisslinger on the Role of Automation, Cloud-Based Workflows in Streaming

Live sports production is a fast-paced industry with no signs of slowing down. W...

09/07/2026

TV Skyline, thinXpool, DMC Production Collaborate on Deutsche Telekom's World Cup From NYC

From a rooftop studio in Manhattan, multiple Germany-based companies share respo...

09/07/2026

FOX One and Overtime Announce Creator Series Race to Glory for FIFA World Cup 2026

Overtime has announced a content partnership with FOX One to produce Race to Glo...

09/07/2026

Ross Production Services Standardizes on Clear-Com Intercom Across Mobile Production Fleet

Clear-Com has announced that Ross Production Services (RPS) has standardized on ...

09/07/2026

NetApp Returns as Presenting Partner of 2026 NFL Madrid Game

The NFL has announced that NetApp will return as Presenting Partner of the NFL Madrid Game, featuring the Atlanta Falcons against the Cincinnati Bengals at the ...

09/07/2026

The R&A and Cisco Announce Multi-Year Network Infrastructure Partnership

The R&A and Cisco have announced a multi-year partnership making Cisco the Official Network Supplier of The R&A and its Championships. Cisco will deploy AI-read...

09/07/2026

Fox Television Stations, Extreme Reach, and LTN Complete Live Syndication of 25 Words or Less LIVE

Fox Television Stations, Extreme Reach (XR), and LTN have announced the completi...

09/07/2026

Wynn Records Launches Direct-to-Consumer Streaming Platform Powered by Kiswe

Kiswe has announced a partnership with Wynn Records to launch the Wynn Records Network streaming platform, debuting Saturday, July 11 with a Salita Promotions b...

09/07/2026

NEP Europe Announces Multi-Year Agreement as Wimbledon Broadcast Services Provider

NEP Europe has announced a new multi-year agreement with Wimbledon Broadcast Ser...

09/07/2026

Thropic Games Raises Pre-Seed Round Led by The Famous Group

Thropic Games, a company offering casual mobile games tied to fan fundraising for sports programs, has announced a pre-seed funding round led by The Famous Grou...

09/07/2026

Game Creek Video Purchases 10 Grass Valley K-Frame Switchers for Fleet Expansion

Game Creek Video has reached an agreement with Grass Valley to purchase 10 K-Frame production switchers as part of a two-year fleet expansion. Two systems have ...

09/07/2026

Gravity Media Powers ITVs FIFA World Cup Coverage with Three-Hub Remote Production

Gravity Media is delivering a three-hub remote production workflow for ITV's...

09/07/2026

Report: North American Broadcast Journalists Spend Up to 75% of Time on Technical Workflows

A new report from Quickplay and Caretta Research, The Broadcaster Revolution Wi...

09/07/2026

DAZN to Broadcast Esports World Cup Free to Global Audiences

DAZN, the world's leading sports entertainment platform, has announced a long-term strategic partnership with the Esports World Cup Foundation to serve as t...

09/07/2026

YES Networks Mike Webb on Finding Opportunity for Innovation in Live Regional Sports Production

The regional sports network is staying busy this summer with broadcasts of the N...

09/07/2026

Universal Audio Black Box HG-2 & elysia karacter

Latest analogue-emulation plug-ins revealed Universal Audio have just added two new analogue-emulation plug-ins to their DSP-powered UAD line-up. Developed ...

09/07/2026

Neumann launch U 47 FET Bon Scott Edition

Limited-edition mic celebrates rock icon Neumann have partnered with the Bon Scott Estate to create a limited-edition version of the U 47 FET that honours b...

09/07/2026

Plugin Station: Plug-in management software

Handles organisation, updates, troubleshooting & more Created by pro-audio software developer Julian Worden, Plugin Station from Julian Michael Technologies...

09/07/2026

LANDR expand Fair Trade AI programme

Introduces new $1 million advance programme LANDR have just announced the next phase of their Fair Trade AI programme, a pioneering opt-in music-licensing p...

09/07/2026

Spitfire Audio expand low-cost Originals range

Four new titles now available Spitfire Audio have just introduced four new titles in their Originals range, bringing the total count of libraries in the low...

09/07/2026

SBS statement Royal Commission on Antisemitism and Social Cohesion

SBS statement Royal Commission on Antisemitism and Social Cohesion 9 July, 2026 Media releases SBS acknowledges the gravity of the matters before the Roy...

09/07/2026

Press Release: NFVF Sixth Presidential Employment Stimulus Programme (PESP6) Status Update

08 July 2026, Johannesburg - The National Film and Video Foundation (NFVF), an a...

09/07/2026

Blackmagic Design Announces New UltraStudio Express 3G

Blackmagic Design Announces New UltraStudio Express 3G Brie Clayton July 9, 2026 0 Comments New extremely portable capture and playback models with 3G...

09/07/2026

Miri Introduces Self-Service Cellular Data and SIM Card Management Platform for NetConnect+ Plans

Miri Introduces Self-Service Cellular Data and SIM Card Management Platform for ...

09/07/2026

Hong Kong Jockey Club Expands Intercom Infrastructure Wit...

Riedel Communications today announced that the Hong Kong Jockey Club (HKJC), one of Asia's most prestigious horse racing organizations, has significantly up...

09/07/2026

Game Creek Video Switches On Next-Gen Production with K-F...

Leading North American mobile production facility provider standardizes on Grass Valley's fully IP-native K-Frame production switchers for its fleet of next...

09/07/2026

Miri Introduces Self-Service Cellular Data and SIM Card M...

Miri Technologies Inc. is rolling out a new online portal that provides customers and resellers with self-serve management tools and usage analytics for the com...

09/07/2026

Beeble Introduces AI-Driven SwitchHDR Converter

Share Copy link Facebook X Linkedin Bluesky Email...

09/07/2026

DP Aakash Subramaniam Chooses ZEISS Supreme and Nano Prim...

Cinematographer Aakash Subramaniam, WICA faced a conceptual challenge: how could he make a film about dying that doesn't feel like one? The film, Our Weird...

09/07/2026

Enjoy Gigafast speeds and Ultimate TV pack for less

Thursday 9 July 2026 Enjoy Gigafast speeds and Ultimate TV pack for less The latest deals have dropped from Sky TV and Sky Broadband, the award-winning provid...

09/07/2026

Local campaigns with impact

Hands up who would like to dress up as a giant crisp packet? The call that went out across the agency as our anti-litter campaign, Wish you weren't here fo...

09/07/2026

GeForce NOW Turns Up the Heat With New GeForce RTX 5080-Powered Toronto Server

This GFN Thursday brings more games, more power and more ways to play on GeForce NOW. The cloud gaming service is expanding with a new GeForce RTX 5080-powere...

08/07/2026

Aqueduct Racetrack Goes Silent

The end of the Big A' marks the demise of one more iconic sports venue and its signature sound After 132 years as one of the preeminent horse-racing track...

08/07/2026

Memphis Athletics, Learfield Continue Long-Term Partnership

Memphis Athletics and Learfield have signed a long-term renewal to their 25-year relationship, which sees Learfield's Tiger Sports Properties continue repre...

08/07/2026

T-Mobile Brings ABS Challenge System, 5G Batting Practice Cams to 2026 MLB All-Star Game in Philadelphia

MLB All-Star Week returns to Philadelphia for the first time in 30 years as Amer...

08/07/2026

SVG Enterprise Launches Inaugural Enterprise Video Summit, Oct. 19 in New York

Former Wall Street Video event expanded to include all Enterprise sectors SVG Enterprise has announced the inaugural Enterprise Video Summit, taking place Oct....

08/07/2026

Wrigley Field Revamp: Chicago Cubs Upgrade LED Videoboards To Match New 1080p Control Room

An offseason project enhanced eight video displays around the venue in time for ...

08/07/2026

A Beacon on Biscayne Bay: Miami Heat Reflect on Ambitious Renovation at SVG Venues & Teams Summit

Kaseya Center has a ton of new features that weren't available to the indust...

08/07/2026

FIPRESCI Establishes Jury at Sundance Film Festival

The International Federation of Film Critics (FIPRESCI) and the Sundance Film Festival are pleased to announce the establishment of a FIPRESCI jury beginning wi...

08/07/2026

Universal Audio introduce Black Box HG-2 & elysia karacter

Latest analogue-emulation plug-ins revealed Universal Audio have just added two new analogue-emulation plug-ins to their DSP-powered UAD line-up. Developed ...

08/07/2026

Pitch Innovations release Loop2Kit

Turn any audio loop into a playable kit Pitch Innovations have recently introduced an interesting new tool that's capable of creating playable kits from...

08/07/2026

MonkeyC update Rando sampler plug-in

Adds new keyboard-split function MonkeyC have recently launched an update that overhauls their powerful software sampler. Described as the sampler that mad...

08/07/2026

Strymon unveil the TimeLine MX

Four new delay algorithms & dual-engine functionality Strymon have just announced that the much-anticipated MX version of their hugely popular delay pedal i...

08/07/2026

Well over half of Australia have tuned in to watch the FIFA World Cup on SBS

Well over half of Australia have tuned in to watch the FIFA World Cup on SBS 7 July, 2026 Media releases Australia's Round of 32 match against Egypt a...

08/07/2026

SBS and Koorie Heritage Trust announce three-year partnership to celebrate First Nations cultures and communities

SBS and Koorie Heritage Trust announce three-year partnership to celebrate First...