Akamai Diversity

Akamai Security Intelligence
& Threat Research

State of the Internet Security: Phishing - Baiting the Hook

This Halloween, the scariest thing you might encounter could be lurking on the device you're reading this on.

That's right - phishing attacks.

Phishing is a long-term, social-based problem, impacting every market segment and people from all walks of life each day. This edition of the State of the Internet / Security report centers on phishing and touches on its impact to the retail sector, including both legitimate and criminal market spaces.

Phishing has been around for a long time, and has evolved from being an email-based attack, to one that now includes mobile devices and social media. This continuous evolution leverages the world's increasingly connected existence as a means of rapid propagation. As such, criminals now have more options when it comes to targeting their victims.

In this report, you'll be able to dive deeper into the different styles of phishing attacks, how phishing kits are developed, and explore the lifecycle and of a phishing attack from first-hand knowledge. Working with information from our Nominum and Enterprise Threat Protect teams, this report takes a serious look at the domains used with phishing tools to impersonate some of the best-known companies in the world.

More than 60% of the kits monitored by Akamai were active for just 20 days or less, which is common among generic phishing attacks. This shortened lifespan is also why criminals constantly develop new evasion techniques that they hope will help keep the kit below the radar.

In this report, we also take a look at how Akamai uses Akamai to defend itself. What good would a security company be, if it didn't use its own products? In terms of phishing, the engineering teams at Akamai were the target of nearly 27% of phishing attempts. 

Alex Pinto, from Verizon Business, is our guest author for this report. He writes about how data sharing and data reporting can help the Information Security industry continue to grow and learn. 

"Over the years, I've heard many practitioners say that Information Security is a profession in its infancy.  I believe that this anxiety about our profession boils down to a fear of the unknown, and a lack of data. We're playing chess in the dark, unable to plan our next move, let alone see our end game."

To read the full report, please head to www.akamai.com/soti 

Leave a comment