Wednesday, January 27, 07:26
Home security Phishing Attacks: Last an average of 21 hours, according to research!

Phishing Attacks: Last an average of 21 hours, according to research!

Researchers from Google, Samsung, PayPal, and Arizona State University spent a year exploring and analyzing the landscape of phishing-related threats and how users interact with phishing pages. Analyzing 22.553.707 user visits on 404.628 phishing pages, the researchers gathered a lot of information about how phishing campaigns work.

Specifically, from their findings the researchers found that a phishing attack It takes an average of 21 hours from the first to the last victim to visit a page, while each phishing attack by entities is detected an average of 9 hours after the first victim visits. The researchers will present their findings in more detail at the security conference USENIX which will take place 12 - 14 August.

Once detected, they remained for another 7 hours before maximizing browser-based alerts. Researchers describe the interval between its onset campaign and the development of phishing alerts on browsers until "Golden hours" of a phishing attack - in which attackers attract most of their victims. But when the "golden hours" are over, attacks continue to increase their casualties, even after the browser warns through systems such as API Google Safe Browsing. Of concern is the fact that 37,73% of the total movement of victims within the data set collected by the researchers, took place after the detection of the attack.

In addition, the researchers analyzed users' interactions with phishing pages and reported that 7,42% of victims entered credentials into phishing forms and eventually suffered infringement or noticed that a "fraudulent" transaction had taken place on his account. On average, scammers tried to breach user accounts and make "fraudulent" transactions 5,19 days after the user visited the phishing site, while credentials of the victims ended up in public dumps or criminal portals, 6,92 days after the user visited the phishing page.

The findings of the study correspond to those reported by Sherrod DeGrippo, Sr. Director, Threat Research and Detection at Proofpoint, on ZDNet. In particular, DeGrippo said that Proofpoint detects about 12 million phishing attacks each month, while the best cybercriminals focus on avoidance tactics to avoid detection, knowing that this way they will be able to keep their campaigns "active" for a longer period of time and extend the "golden hours".

Arizona State University research team said the success of these attacks is largely due to their slow detection by defense mechanisms. In addition, the researchers added that the lack of cooperation between industry partners is another factor that contributes to the success of the attacks. For this reason, they urge the various entities to work together more to defend and counter phishing attacks. They also stressed that cooperation makes all entities stronger against phishing and other types of attacks. According to Proofpoint, registrars, among others, must assist in this effort domain, encryption certificate providers and hosting companies. Finally, the researchers stressed that stopping phishing attacks is vital for her protection of organizations worldwide, while just as important is the correct and timely information officials to suspect such attacks.

The full academic research is entitled "Sunrise to Sunset: Analysis of the End-to-end Life Cycle and Effectivity of Phishing Attacks at Scale".


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.



Joe Biden: Replaces federal vehicles with new electric ones Ο Πρόεδρος Joe Biden ανακοίνωσε την απόφασή του να αντικαταστήσει ολόκληρο τον ομοσπονδιακό στόλο οχημάτων με...

Melanoma: Vaccine protects for 4 years from skin recurrence!

Melanoma is the most dangerous form of skin cancer affecting a large percentage of people worldwide. Now, scientists in the US are taking a breath ...

Facebook: Phone numbers of its users are sold through Telegram bot

Motherboard has revealed that someone has gained access to a database that contains phone numbers of Facebook users and is now selling these ...

How to force Outlook to spell check emails

If spelling is not your "trump card", business emails really do bother you. Nobody wants to send misspelled emails, for ...

Golang: Google fixes a serious Windows RCE vulnerability

This month Google engineers fixed a serious Remote Code Execution (RCE) vulnerability in Go (Golang).

Electricity generation in Europe: RES surpassed fossil fuels

Europe is slowly reducing its dependence on fossil fuels. A report published by Ember and Agora ...

TikTok: Fixed a vulnerability that would allow phone numbers to be stolen

TikTok started a bug bounty program after discovering various vulnerabilities in its application. This effort seems to have ...

MacOS Big Sur 11.2 RC 2 is now available as a public release

The second "release candidate" version of macOS Big Sur 11.2 is now available to developers and beta users. This comes after the ...

A rare species of cloudless exoplanet has been identified

Astronomers have found another strange exoplanet that could broaden our understanding of the universe. Gizmodo reports ...

COVID-19: Companies compete for the vaccination passport

Those vaccinated against Covid-19 at Dodger Stadium receive a CDC card with handwritten details of when they were given the ...