This is the most popular method used by fraudsters to rob you
With an increased focus on the financial sector, fraudsters are relying on phishing to rob innocent internet users of their money. According to the latest Akamai State of Internet report, 50% of all unique organisations impacted by observed phishing domains were from the financial services sector. The data shows that, in addition to unique phishing attempts, adversaries also leveraged credential stuffing attacks to the tune of 3.5 billion attempts during an 18-month period, putting the personal data and banking information of financial services customers at risk.
The report indicates that between December 2, 2018 and May 4, nearly 200,000 (197,524 to be exact) phishing domains were discovered, and of those domains, 66% targeted consumers directly. When taking the phishing domains targeting consumers only into consideration, 50% of those targeted companies in the financial services industry.
“We’ve seen a steady rise in credential stuffing attacks over the past year, fed in part by a growth in phishing attacks against consumers,” said Martin McKeay, security researcher at Akamai and Editorial Director of the State of the Internet / Security Report. “Criminals supplement existing stolen credential data through phishing, and then one way they make money is by hijacking accounts or reselling the lists they create. We’re seeing a whole economy developing to target financial services organisations and their consumers.”
Once criminals have succeeded in their schemes, they need to process their ill-gotten data and funds. As Akamai’s report highlights, one method of dealing with this situation centers on ‘bank drops’ – packages of data that can be used to fraudulently open accounts at a given financial institution.
Bank drops will typically include a person’s stolen identity – often called ‘fullz’ by criminals online, including name, address, date of birth, Social Security details, driver’s license information, and credit score. Secure access to the fraudulent accounts comes via remote desktop servers, which are matched to the geographic location of the bank and the ‘fullz’.