A Rise in Online Crime: Key Findings from 2018
A 2019 threat report has highlighted the most concerning trends in online crime. The report is an insight into the ever-changing world of cybercrime. It reveals crucial statistics that help businesses to stay up-to-date with the most common cyber-attack methods.
What were the key findings?
- 40% of malicious URLs were found on good domains.
Due to the reliability of good domains, legitimate websites are the perfect place to host malicious content unbeknown to the site’s owner. Mining personal details of site customers, installing phishing pop-up links and other malicious content was rife in 2018.
- Home user devices are more than twice as likely to become infected as business devices.
68% of infections are seen on consumer endpoints, such as laptops, mobiles and tablets, compared with 32% on business endpoints. How can you better secure your personal devices to keep your data safe in 2019?
- Phishing attacks increased 36%, with the number of phishing sites growing 220% over the course of 2018.
Phishing sites now use SSL certificates and HTTPS to trick internet users into believing they are secure, legitimate pages. More than three quarters of phishing attacks impersonated financial institutions. More than 80% of these phishing pages used HTTPS. Google was the most impersonated organisation of 2018.
- After 12 months of security awareness training, end users are 70% less likely to fall for a phishing attempt.
Proof that training your staff is definitely worth it, the report found organisations that combine phishing simulation campaigns with regular training saw a 70% drop in phishing link click-through.
- Despite the decrease in cryptocurrency prices, cryptomining and cryptojacking are on the rise.
The number of cryptojacking URLs Webroot saw each month in the first half of the year more than doubled in the period from September through December 2018. These techniques can be more lucrative than ransomware attacks as they don’t require waiting for the user to pay the ransom. They also have a smaller digital footprint.
- While ransomware was less of a problem in 2018, it became more targeted.
Although large-scale ransomware attacks are set to decline further in 2019, new ransomware families will emerge. Malware authors are now turning to more targeted attacks. Many ransomware attacks in 2018 used the Remote Desktop Protocol (RDP) as an attack vector, leveraging tools such as Shodan to scan for systems with inadequate RDP settings.
What can we do?
These findings are a reminder that we must be vigilant when it comes to protecting our businesses and homes from malicious technologies.
If you’re not already implementing an extensive cybersecurity strategy, here are three things you can do to get started:
- Invest in cybersecurity bundles.
Multi-layer cybersecurity is essential with the range and sophistication of attacks attempted against businesses every day. Products such as PROsecure® protect your business through both proactive and reactive measures to ensure your business has the best level of protection at all times.
- Put staff awareness training at the top of your to-do list.
People are your biggest liability and the number one target for the majority of cyber-attacks. Create a secure employee culture and regularly simulate attacks that directly target your employees, such as phishing emails.
- Keep up-to-date.
An out-of-date website is every hacker’s dream. Keep your site patched and employ the latest updates to avoid leaving back doors wide open for attackers to exploit.
Makes sure your business is as secure as it can be with UKFast’s wide range of security solutions.
stay secure with ukfast
Research from Smarter Cybersecurity® firm Webroot (2019 Threat Report).