In 2023, the number of phishing emails sent to customers of Russian financial institutions increased one and a half times. Alexander Vurasko, head of the Solar Aura external digital threat monitoring service at Solar Group, told socialbites.ca. The expert also reminded that phishing remains the main vector for the delivery of hacker tools, including intelligence tools, malware (malware) and remote administration tools.
The most popular phishing method of 2023 was a promotion or survey conducted on behalf of the bank. At the same time, the attackers’ main goal has shifted from stealing bank card data to gaining access to the customer’s personal account. Nearly one in ten (8%) of the phishing sites identified were used to distribute remote computer administration programs camouflaged as bank technical support programs.
“Such resources can even be found in phone scams; during the conversation, attackers direct their victims to them,” the expert added.
According to Vurasko, in 2023, cybercriminals actively avoided mentioning the names of specific organizations in the domains. If earlier such resources were rare, in 2023 their share was already 40%.
“In addition, the number of malicious sites located on level three and four domains has increased significantly. “This places new demands on mechanisms for identifying illicit sources and neutralizes the detection of phishing sites the “old-fashioned way” by analyzing matching domains,” he said.
Hackers before started New AI chatbots for cyber-scammers and romance scammers.