Top 5 Stories


Successful bank phishing attacks target compromised infrastructure

06 March 2012

Nearly all of the successful phishing attacks against US banks exploit compromised infrastructure, according to data compiled by email security firm Agari.

Criminals use legitimate infrastructure – servers and software – owned by reputable institutions to conduct successful phishing campaigns against banks, a technique known as infrastructure hijacking, Agari said in a release.

"Using compromised, legitimate servers allows the criminals to bypass a battalion of email security defenses and deliver phish to the inbox. In fact, of the top 300 successful phishing attacks to US banks, all used compromised servers from legitimate companies”, Agari noted.

Surprisingly, the greatest phishing threats to US banks originate from US servers, which were responsible for distributing the majority of top phishing threats to US institutions. Of all phishing threats to US banks, 39.2% originated from the US, nearly four times higher than number two-ranked Germany.

Agari found that system administrators aid phishing attacks by deploying unprotected infrastructure. Systems administrators could have prevented one-quarter of successful phishing attacks against banks by patching known vulnerabilities, the company judged.

In addition, Agari found that botnets no longer pose a significant phishing threat, with only 0.5% of successful bank phishing attacks sent by botnets.

“It is critical to understand why and how phishing succeeds, yet the majority of phishing research analyzes all phish, both successful and unsuccessful phish, which creates tremendous data distortion. Agari’s research is unique in examining only successful phishing attacks”, said Patrick Peterson, Agari’s chief executive officer.

This article is featured in:
Application Security  •  Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×