RSS feed Get our RSS feed

News by Topic

BizReport : Ecommerce : July 12, 2021

Reports show cybercriminals continuing to push boundaries

Two new reports highlight cybercriminals on-going attacks on the digital space. From credential stuffing to phishing, these criminals continue to target not only consumers but businesses and developers.

by Kristina Knight

For instance, Armorblox researchers found cybernasties exploiting legitimate services from hosting site GoDaddy in a credential phishing attack. Fraudsters used a loophole to sneak their attack past Google Workspace security, telling consumers that their Paypal profile was incomplete and offering a spoofed link to gain their financial information.

The attack used brand impersonation and social engineering to sneak past existing workflows in their attempt to fool people.

The Armorblox report data can be found here.

Meanwhile, data out from Akamai indicates gamers, developers, and gaming platforms are high on fraudsters' lists of attack destinations. According to their latest Gaming State of the Internet report gaming sites saw a 340% increase in web application attacks from 2019 through 2020. This includes mobile games.

"Criminals are relentless, and we have the data to show it," said Steve Ragan, Akamai security researcher and author of the State of the Internet / Security report. "We're observing a remarkable persistence in video game industry defenses being tested on a daily - and often hourly - basis by criminals probing for vulnerabilities through which to breach servers and expose information. We're also seeing numerous group chats forming on popular social networks that are dedicated to sharing attack techniques and best practices."

In addition to the web application attacks, the gaming industry saw an increase in credential stuffing attacks (224%); just over half (59%) of attacks were SQL injection attacks, targeting login credentials.

More data from Akamai can be accessed here.

To better protect, especially as many organization still have many employees working remotely, Armorblox suggests augmenting native email security with additional controls to protect user information, and to update employees' knowledge of cyber attacks, including how fraudsters use social engineering to sneak past defenses.

Tags: advertising, Akamai, Armorblox, customer data security, ecommerce, ecommerce security, online fraud tips, online fraud trends

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.