New threat analysis from researchers at Kaspersky has revealed a dramatic rise in the number of password-stealing attacks targeting Amazon, Facebook and, most of all, Google users. Here’s what you need to know.
Amazon, Facebook And Gmail Are A Magnet For Password Hackers
It should come as no surprise that the likes of Gmail, Facebook, and Amazon account credentials are so sought after by malicious hackers. After all, such accounts can be used to complete the cybercrime triumvirate of data theft, malware distribution and credit card fraud respectively. Google accounts, in particular, are something of a skeleton key that can unlock a treasure trove of other account credentials and personal information to commit fraud. Just think about the information that is contained in your Gmail inbox, and the chances are high that you have one given how popular the web-based free email service is. And that’s before you consider how many organizations still send password change requests and second-factor authentication links to your email account.
Kaspersky analyzed a total of 25 of the biggest and most popular global brands in order to determine those that are targeted more by cybercriminals when it comes to phishing attacks. The researchers found, Kaspersky said, that there were around 26 million attempts to access malicious sites masquerading as any one of these brands in the first half of 2024 alone. That represents an increase of approximately 40% increase from the same period in 2023.
Phishing Attacks Against Google Increased By 243%
Sitting at the top of the phishing target pile, for all the reasons already mentioned, was Google. When it comes to attempting to steal credentials such as passwords, Google remains a firm favorite on the cybercriminal attack radar. Kaspersky said it had seen a 243% increase in attack attempts for the first six months of 2024, with some 4 million such attempts blocked by Kaspersky security solutions during this period.
“This year has seen a significant increase in phishing attempts targeting Google,” Olga Svistunova, a security expert at Kaspersky, said, confirming that a criminal who gains access to a Gmail account “can potentially access multiple services, making it a prime target.”
Facebook users saw 3.7 million phishing attempts according to the Kaspersky research, which has yet to be published publicly online, while Amazon was on 3 million. Microsoft, DHL, PayPal, Mastercard, Apple, Netflix and Instagram completed the top ten most targeted brands list. Although they didn’t make the top ten, Kaspersky said that other brands seeing a dramatic increase in targeting during the first six months of the year included HSBC, eBay, Airbnb, American Express, and LinkedIn.
It’s important to note, however, that Kaspersky security researchers have put this rise down to an increase in fraudulent activity and not any decline in vigilance on the part of the targeted users.
Advice to prevent falling victim to a phishing attack, including methods of reporting any attempts, is available here online from Google, Facebook and Amazon.