Phishing attacks remain a leading technique of harvesting credentials, distributing malware, and committing fraud. According to the 2020 Data Breach Investigations Report, phishing was the second dominant type of threat entering organizations’ security and the main type of threat in data breaches.
Unfortunately, there is more to the story. Cybercriminals refine their methods and perform well-orchestrated, sustained attacks by adapting and including the trending narratives.
Meanwhile, cybersecurity companies take a proactive stance and monitor vast amounts of information on multiple targets in their continuous fight against threat actors. In this article, we will go through the main types of modern phishing attacks and discuss what challenges cybersecurity professionals face. Also, we shall outline the next-level measures, such as using Datacenter Proxies, that power up the fight against phishing campaigns.
The aim of a phishing attack is to trick the recipient into giving login credentials, Social Security numbers, or other sensitive information. Scammers use emails, fake websites, phone calls, or text messages to catch victims’ attention and make them take the desired action. What is more, they constantly find new ways to abuse and seize the public’s need for reliable information.
Recently, Google stated that the number of phishing websites rocketed from 149,195 in January 2020 to 522,495 in March, thus increasing by 350% in two months. As the report further declared, most of these websites fit the coronavirus (COVID-19) narrative as a decoy.
During the heights of global pandemic fears, phishing attackers used the COVID-19 related keywords and focused on these main objectives:
Inviting to donate to fake charities
Stealing credentials
Delivering malware
In its Internet Organized Crime Threat Assessment 2020, Europol’s officials reviewed the current situation as “COVID-19 demonstrated how cybercrime – at its core – remains largely the same but criminals change the narrative.”
A real-world example of a scam where threat actors pretend to be the World Health Organization and forge its logo. Source: Federal Trade Commission
As phishing attempts are getting more sophisticated, it is becoming more difficult for organizations to determine the real from the fake and spot the red flags. Wrongdoers regularly find new ways of tricking the recipients. By including the societal context, they refine their techniques and increase the success rate.
While cybersecurity companies continuously monitor and expose phishing incidents, time becomes a critical factor in performing such threats. Fraudsters focus their efforts on creating momentary multi-faced attack campaigns in order to breach an organization’s security. In other words, they adapt the specifics of their approach, so victims provide the sensitive data themselves, and scammers can enter through the front door.
There are many types of phishing attacks that use different techniques. While they are increasing in number, the main ones remain spear phishing and deceptive phishing.
Deceptive phishing is generally the most frequent method of phishing. By using this technique, attackers imitate a legal company in order to gain sensitive information. A common practice is to urge the recipients to act fast and scare them into getting the desired attention.
Usually, fraudsters develop phishing websites by blending legitimate and malicious code together. In such cases, they copy the CSS and JavaScript of a well-known organization login web page and add small changes to the code. This way, at first glance, the website seems legitimate, and victims enter their login credentials.
Another typical example of deceptive phishing would be modifying well-recognized brand logos and adding them into phishing emails or malicious websites. In order to outsmart email filters, attackers adjust an HTML attribute. Emails with such modified logos look more legitimate and may trick recipients into believing that the attack message is real.
Comparison of legitimate UK Government site (left) and malicious site (right).
Source: David Warburton. 2020 Phishing and Fraud Report. F5 Security Operations Center (SOC)
Spear phishing attacks are more personalized and directed at filtered target individuals rather than random groups. Scammers research the victims’ personal information, such as name, company name, job position, and craft a customized email or website forgeries. While such well-orchestrated attacks with a malicious URL or malware attachment seem more legitimate, the success rate is much higher. Also, most standard spam filters miss these emails, making standard protection measures ineffective.
Besides including specific context, fraudsters add another layer of effort when approaching their victims. Instead of counting their success on a single email, cybercriminals perform multi-stage attacks that involve other forms of communication, such as a phone call from a local customer support agent. In order to create that false sense of security, scammers may even imitate the specific accent or refer to recent local events.
Spear phishing attacks are most frequent on social media websites, such as LinkedIn. Attackers can infiltrate via fake accounts, make connections, and learn the structure of a company – all this information helps plan future attacks and create personalized emails.
Phishing and spear phishing remain the dominant types of threats entering organizations.
Source: Exploits at the Endpoint: SANS 2016 Threat Landscape Survey
With phishing attackers showing no sign of slowing down, cybersecurity companies take a proactive stance and look for next-level measures in fighting cybercrime. Considering the fast nature of phishing attacks, efficient and timely data gathering is crucial for scanning the web or internal systems and gaining the full visibility of existing and potential threats.
Most phishing campaigns are not fundamentally new but rather constantly updated and powered up with customized content in order to sync with trending topics and catch the heightened attention of society. This requires organizations to put prompt monitoring in place and make data-driven decisions.
Also, besides standard reactive measures, cybersecurity professionals take further steps and hunt for vulnerabilities. Even the brief downtime or slightest security gap in internal systems can increase potential risks of cyberattacks. Scam detection solutions must be well-functioning all the time, and exercising threat hunting may strengthen them when real attacks occur.
Web scraping plays a prominent role in phishing attack prevention
In their continuous fight against threat actors, cybersecurity companies utilize proxies for several reasons.
Cybersecurity companies have to stay anonymous while performing protection services or threat hunting. By using proxies to hide their IP addresses, they can expand their visibility when monitoring client’s internal systems or scanning the web for leaked business information. What is more, proxies make it difficult for threat actors to detect any activity performed by protection services.
“Cybersecurity companies take a proactive stance by scanning websites for threats, however malicious websites are aware they are under scrutiny. Rather than allowing themselves to be identified, they block IP addresses they suspect may belong to cybersecurity companies so they can stay anonymous and undetected.”
– Andrius Palionis, VP Enterprise at Oxylabs
Considering the rising number of cybercrimes, the need for accurate and real-time data has increased extensively. Monitoring, collecting, and analyzing web data that provides insights into what the digital threat landscape looks like is a prominent security expert’s goal. No need to say that this information is extremely helpful for scanning vulnerabilities, screening assets, and detecting misconfigurations.
High-performing proxies ensure smooth data harvesting processes by overcoming web scraping challenges, such as anti-bot measures and geographical restrictions. Besides providing anonymity, proxies help perform large-scale data acquisition projects and save time, resources, or financial funds.
We have prepared another article on proxies for cybersecurity solutions that points out the best options for every use case. For anti-phishing specifically, see the proxies for anti-phishing page.
Since the key to fighting phishing attacks is anonymity, uptime, and speed, datacenter proxies make the perfect choice for cybersecurity.
Datacenter Proxies come from data centers, thus providing stable and reliable performance. Oxylabs offers one of the fastest Datacenter Proxies on the market with over 2M+ IPs and 99.9% uptime, guaranteeing flawless operations 24/7. All Oxylabs’ Datacenter Proxies are dedicated, meaning that they are assigned to one user at a time. It ensures high speed and fast response times.
How Oxylabs’ Datacenter Proxies work
With phishing attacks becoming more sophisticated and highly increasing in numbers, security professionals take a proactive approach and utilize next-level measures to fight against cybercrimes. High-performing proxies provide full visibility of the web, as well as ensure anonymity and smooth data harvesting.
If you are interested in integrating our products for companies in the cybersecurity field, get in touch with us at enterprise@oxylabs.io at any time, and we will discuss the most suitable solution for your case.
About the author
Vejune Tamuliunaite
Former Product Content Manager
Vejune Tamuliunaite is a former Product Content Manager at Oxylabs with a passion for testing her limits. After years of working as a scriptwriter, she turned to the tech side and is fascinated by being at the core of creating the future. When not writing in-depth articles, Vejune enjoys spending time in nature and watching classic sci-fi movies. Also, she probably could tell the Star Wars script by heart.
All information on Oxylabs Blog is provided on an "as is" basis and for informational purposes only. We make no representation and disclaim all liability with respect to your use of any information contained on Oxylabs Blog or any third-party websites that may be linked therein. Before engaging in scraping activities of any kind you should consult your legal advisors and carefully read the particular website's terms of service or receive a scraping license.
Get the latest news from data gathering world
Forget about complex web scraping processes
Choose Oxylabs' advanced web intelligence collection solutions to gather real-time public data hassle-free.
Scale up your business with Oxylabs®
GET IN TOUCH
General:
hello@oxylabs.ioSupport:
support@oxylabs.ioCareer:
career@oxylabs.ioCertified data centers and upstream providers
Connect with us
Advanced proxy solutions
Resources
Innovation hub