Content, Channel partners, Content, Phishing

Webroot: Nearly 1.4 Million New Phishing Sites Launched Each Month

Webroot CTO Hal Lonas
Webroot CTO Hal Lonas

Phishing attacks are growing at an unprecedented rate, which is reflected in a report from cybersecurity and threat intelligence services provider Webroot.

Key findings from the "September 2017 Webroot Quarterly Threat Trends Report" included:

  • Phishing is one of the most common and widespread security threats to businesses and consumers. Phishing is the leading cause of data breaches. Roughly 1.4 million new phishing sites are created each month, and an average of more than 46,000 new phishing sites are launched daily.
  • Phishing attacks are short and fast. On average, a phishing attack is active for four to eight hours.
  • Phishing attacks are more sophisticated than ever before. Hackers frequently conduct research and utilize social engineering to uncover relevant personal information for individualized phishing attacks.
  • Cybercriminals are trying to impersonate globally recognized brands. Zero-day websites used for phishing tend to impersonate a small number of companies, including Google, Chase and PayPal.

Ultimately, a combination of user education and organizational protection with real-time intelligence can help businesses and consumers stay ahead of phishing attacks and other cyber threats, Webroot Chief Technology Officer Hal Lonas said in a prepared statement.

Webroot Acquires Securecast, Launches Security Awareness Training Platform

Webroot recently has made several moves to help MSPs protect customers against phishing attacks.

The company last month acquired security awareness training platform provider Securecast for an undisclosed sum. Also, Webroot launched Webroot Security Awareness Training, a fully hosted awareness-as-a-service platform designed to help MSPs and businesses reduce the risks and costs of phishing, ransomware and other cyber threats.

With Webroot Security Awareness Training, MSP security administrators can send interactive security awareness training courses to educate end users and minimize the risk of human error, Webroot indicated.

In addition, Webroot Security Awareness Training features a phishing simulator and template library that allows MSPs to engage and test end users with real-world phishing scenarios, Webroot stated.

Webroot Security Awareness Training is available as a beta program, and the platform is scheduled to be generally available this fall.

Phishing Attacks Are 'Top Threat' to Organizations

Phishing attacks represent "the top threats with significant impact entering organizations," according to an August 2017 survey of security professionals conducted by information security and cybersecurity training company SANS Institute.

SANS Institute's "2017 Threat Landscape Survey" revealed 40 percent of respondents named phishing as the top threat with significant impact entering organizations. Also, 72 percent indicated organizations encountered phishing attacks more frequently than other types of cyberattacks.

Furthermore, many survey respondents said they believe both end users and IT teams can play important roles in cyberattack detection and prevention, SANS Institute stated.

Sixty-seven percent of survey respondents said end users need training to be more aware of cyber threats, and 42 percent stated they need to improve their operational cybersecurity practices, SANS Institute indicated.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.