Credit Union Phishing Attacks on the Rise Again
The latest fraud report from the RSA Anti-Fraud Command Center shows that, after a decrease in September, phishing attacks on credit unions jumped back to 40 percent of all financial institutions struck. (See RSA’s complete report:)The earlier drop in the credit union numbers, which was thought by RSA’s Senior Product Marketing Manager Jens Hinrichsen to be an anomaly, has proven to be just that.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
Another notable highlight: the emergence of Internationalized Domain Names (IDNs) to spoof website names by using alternate alphabets (i.e. Cyrillic), where letters correspond to their Latin counterparts. “A spoofed phishing domain which is based on an IDN can look exactly like a genuine bank’s domain written in standard code,†the report says. Once the phishing attack is initiated, however, it is treated and stopped just like any other phishing attack and does not present a greater danger to the user.
The report also shows that the number of brands attacked remained constant from September, signaling that the same brands were attacked more frequently than before. And attacks on regional banks are at a record-low 17 percent of all attacked institutions.
The worldwide distribution of attacked entities remains relatively unchanged from June to October. The share of U.S. brands is always very dominant, and October is the ninth consecutive month in which UK institutions occupied the second spot with 16 percent of the phished entities. The top seven positions in the list remain unchanged for the fourth consecutive month. Peru and Costa Rica are new to the list, as Latin American institutions have experienced increased attacks in the past six months. They both account for 1 percent each of the global banking brands attacked by phishing.