"H2 2019: Duration of Phishing Attacks Grows, Use of Banking Trojans Wanes"
Group-IB's Computer Emergency Response Team (CERT-GIB) observed a significant growth in the number of phishing attacks launched last year. CERT-GIB blocked 5,939 more phishing web resources in 2019 than in 2018. According to the response team, there has been a surge in the number of blockages because cybercriminals are no longer stopping their malicious campaigns immediately after their web pages are blocked. Instead, they continuously replace blocked web pages with new phishing pages. Cybercriminals also no longer need to be highly-skilled to create phishing pages as tools for operators of web phishing campaigns have become increasingly available. Figures revealed that the top three targets of web phishers in 2019 were cloud storage providers, financial organizations, and online services such as online streaming services, e-commerce, client software, and more. Email remains the top vector of choice for distributing ransomware, spyware, and other malware, with attachments being used more than links to deliver malicious items. This article continues to discuss findings on the increased persistence in phishing attacks, the shift in web phishers' targets, and malware delivery methods.