Report Reveals Phishing and Rogue Mobile Apps as Top Vectors of Fraud Attacks

Phishing schemes and rogue mobile applications continued to be heavily used by cybercriminals to defraud users and organizations in the first quarter of 2019, according to security firm RSA’s report which looked into 82,938 fraud attacks worldwide.

In the report’s breakdown of attacks, phishing accounted for 29% while rogue mobile apps accounted for 50%. RSA’s findings on fraudsters’ sustained reliance on phishing and rogue mobile apps is congruent with feedback from the Trend Micro™ Smart Protection Network™ security infrastructure, which uses advanced data science techniques like machine learning (ML): It detected and blocked 4.4 million phishing attempts, i.e., access to phishing URLs by unique client IP address, and 12.5 million malicious apps in Q1 2019.

[Read: Trend Micro Cloud App Security Report 2018: Advanced Defenses for Advanced Email Threats]

Phishing attacks remained steady, rogue mobile apps increased exponentially

RSA observed that the volume of phishing attacks, which can come in the form of a socially engineered email, phone call, or smishing, experienced an increase of less than 1% from the last quarter of 2018. Meanwhile, fraudsters were found deploying a lot more rogue mobile applications. From 10,390 rogue apps in Q4 2018, the total shot up to 41,313 in Q1 2019 — a 300% surge.

The other types of fraud attacks observed include the use of trojan horse or stealthy malware installed under false pretenses and brand abuse or online content that abuses an organization’s brand to mislead users. Respectively, they accounted for 12% and 9% of the overall total.

[Read: Microsoft, PayPal, and Netflix Most Impersonated Brands in Phishing Attacks in Q1 2019]

Canada top phishing target country, US top host country

The report also looked into the countries that were most targeted by phishers in the same period. Canada was the most targeted at 52%. Spain followed suit at 16%, with the Netherlands trailing behind at 10%.  

Interestingly, Canada was only fourth in the list of top countries for phishing attack origins. The top hosting country was the U.S., followed by India and Russia.

[Read: Compromised Office 365 Accounts Used to Send 1.5 Million Email Threats in March]      

Security recommendations

Cybercriminals don’t run out of sophisticated fraud attack tactics that users can fall prey to. Users and organizations should always be in the know about the many ways a cybercriminal can take advantage of them. This year, Trend Micro predicts a significant increase in phishing — a threat that heavily relies on deceptive social engineering techniques. This should remind users and organizations to adopt best practices against phishing and other email threats.  

Organizations can also set up an advanced defense strategy by using the Trend Micro Cloud App Security™ solution as an additional email security layer. Cloud App Security uses machine learning to detect suspicious content in the message body and attachments. Artificial intelligence (AI) and computer vision technology are also used to help detect and block attempts at credential phishing by checking if a legitimate login page’s branded elements, login form, and other website components are being spoofed. Meanwhile, Writing Style DNA helps detect email impersonation tactics used in business email compromise (BEC) and similar scams by using machine learning to recognize the DNA of a user’s writing style based on past emails.  

To avoid infection from malicious apps, users should only install apps from trusted app stores. They can also take advantage of the Trend Micro Mobile App Reputation Service (MARS), which automatically identifies mobile threats based on app behavior. It covers Android and iOS threats and uses leading sandbox and machine learning technologies.

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.