A report from RSA suggests that hacktivists are indirectly responsible for a portion of phishing attacks. "Hacktivism and the Case of Something Phishy" details how hacktivists are enabling phishing and other types of cybercrime by exposing various databases for their own agendas via a public download link. When this occurs, cybercriminals are quick to swoop in and pillage information including email addresses, payment cards and other personal and financial data before the site is taken down. The cyber criminals then use that information to conduct their own phishing or other fraudulent schemes, putting innocent people at risk.
[caption id="attachment_3393" align="alignleft" width="500"] Top Countries by Attack Volume[/caption]
This was the case during a high profile attack against Sony in 2011. While hacktivists targeted the corporation itself, it was the 25-million or so users that were the real victims, as their private and financial information was made public. These types of attacks continue to this day, as the report points out that 40,000 Facebook accounts were recently hacked and that the repercussions have yet to occur. The report also includes several graphs and tables that show phishing continues to rise in 2013 and that more and more brands are being targeted globally.
Taking the Sony case as just one example, because hacktivist cases such as these have been increasingly plaguing the Internet, it is clear that the one party that did not expect the hack – other than Sony, of course – were the millions of ordinary users whose data was offered up freely thereafter. Those same users didn't have advisors, lawyers and information security experts to help them recover from the actual and potential damages of the hack and its possible effects on their identities and personal finances.
This report underscores the need for companies to be proactive in combatting phishing attacks. They could happen at anytime, whether it is due to a cybercrime ring or the result of a high profile hacking. Having a solution in place, like Agari, that prevents phishing attacks from happening is the one sure way to keep a company and its customers safe.
To read the RSA report, click here.
To learn more about Agari’s solutions, click here.