“Who would ever fall for that?” That’s what many people think when they see a phishing attempt, since less advanced types of phishing often involve laughable requests with terrible grammar and spelling to lure victims. Most of these are sent to a large number of recipients in hopes that a few will respond, as even the smallest margin of return is a success. However, the majority of today’s phishing attacks are becoming increasingly sophisticated, carefully crafted to obtain sensitive information from specific organizations, or even a particular person.
Webroot’s latest analysis of phishing activity provides clear evidence of its evolution. Almost 100 percent of phishing URLs use domains typically associated with benign activity, making it much harder for people to recognize the URLs as malicious. Another alarming change is that 84 percent of phishing sites exist for less than 24 hours. Traditional security technologies simply can’t keep up with that.