About Thawte

News

Phishing increasingly dominant, dangerous cyberattack

As recent cyberattacks on news outlets and money-saving social sites show, phishing-driven threats on computer security are increasing in prominence. Verizon's 2013 Data Breach Investigations report found that social-based cybercrime is currently among the fastest-growing attack patterns, with phishing and pretexting accounting for the majority of new threats.

The study found that phishing was responsible for 29 percent of all cyberattacks in 2012, and as recent events in the news indicate, that number will likely be higher in 2013. Phishing acted as the attack vector for 79 percent of all social-based threats, preying on the haphazard way many users interact with social media content. Disturbingly, the report found that there was an 80 percent chance of getting a user to click on a phished link if a campaign were run twice.

In a post accompanying the release of the report, Verizon's Dave Hylender expounded on the universality of cyberattack vulnerability: "From pubs to public agencies, mom-and-pops to multi-nationals, nobody was immune. As a result - perhaps agitated by ancient Mayan doomsday predictions - a growing segment of the security community adopted an 'assume you're breached' mentality."

Web server vulnerabilities exploited by phishing
While companies may go on the automatic defensive that Hylender cited, social-based companies are not able to say the same about their users. The Verizon data reiterates the hard truth that social technology users often act carelessly. One wrong click, weak password or piece of shared information lacking encryption can spell a breach in computer security.

Hackers are increasingly targeting web servers, reported the Anti-Phishing Working Group in a recent survey. In an analysis of the report's findings, InfoWorld's Lucian Constantin wrote that 47 percent of phishing attacks in the latter half of 2012 were "mass break-ins" targeting shared web servers.

In the last six months of 2012, some 123,486 phishing attacks targeted 89,748 unique domain names, wrote Constantin. The study found that many phishing threats were hidden in shortened URLs, commonly used on Twitter, and in subdomain names.

Cyberattackers are particularly drawn to exploiting web servers, wrote Constantin, because these shared servers can host up to thousands of websites at a time. Once hackers breach a server, they reconfigure it so that phishing pages infiltrate subdirectory pages of every website.

Phishing will continue to be a popular choice for cyberattackers because it targets the natural and uncontrollable phenomenon of human error.

While human error cannot be completely controlled, systematic steps can be taken to prevent data breaches. Protect your sensitive information in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?