December 6, 2017
November 30, 2017
Posted June 2, 2015
The public version of the ThreatMetrix Labs report May 2015 is available here: “How Successful Are Targeted Phishing Attacks? A Real-World Example.”
For a private copy with all the information, please contact us at firstname.lastname@example.org.
Personal information is being lost everywhere. Some called 2014 the year of the data breaches and 2015 the year of the mega data breaches. At the same time, we spend a lot of time looking at really sophisticated malware attacks, but how successful are phishing attacks in 2015?
Well, it turns out they are very successful by every measure. And phishing attacks are well and truly alive. They are certainly not these horrible looking and poorly worded websites anymore, and sophisticated Trojans such as the Dyre Trojan combine social engineering, sophisticated malware attacks and classical phishing attacks into one hell of an attack.
So what can a fraudster expect in 2015 when running a sophisticated phishing attack? How much personal information are people willing to provide – if convinced properly? How easy is it to enrich the data with other data sources (either public or private)?
This ThreatMetrix Labs report looks behind the scenes of one such phishing campaign in detail, and the results are shocking.
This research confirms one of the best known secrets in the industry: Targeted attacks produce high quality results. This phishing attack wasn’t a poorly written website spammed out to millions of Internet users around the world. This phishing attack was very targeted and as such the quality of the data is very high.
Some key takeaways: