• by Ray Schultz , September 13, 2019

Webmail and SaaS providers were among the most popular phishing targets in the second quarter of this year as malicious incidents rose overall, according to the Phishing Activity Trends Report, a study by the Anti-Phishing Working Group (APWG).

From April to June, APWG detected 182,465 attacks -- up from 138,328 seen in the same period in 2019 and the 180,768 discovered in the first quarter of 2019. 

Of those second-quarter attacks, 36% were aimed at branded Webmail and SaaS and Webmail providers.

APWG member Agari reported that these gangs used targeted spear phishing to conduct business email compromise (BEC) attacks.

Often, they impersonated a trusted colleague or supervisor and ordered the employee to send a gift card, supposedly for a favored customer or staffer.

The object: To trick victims into sending funds or sensitive information. Of the attacks seen, 10% requested payroll diversions and 15% demanded bank transfers. 

Gift cards were featured in 65% of BEC attacks during the second quarter. Cyber felons like these methods because they are “more anonymous, less reversible, and do not require the use of a mule intermediary,” states Crane Hassold, Agari’s senior director of threat research. 

The most requested gift cards by scammers were Google Play, (41%) Steam Wallet (12%), Amazon (9%), and Apple iTunes (8%).

The average sum for a bogus bank transfer request was $64,717, and one went as high as $950,000. 

Apart from Saas/Webmail, the most targeted industry sectors in the second quarter were payment (22%) and financial institutions (18%). Small percentages also went after telecommunication firms and logistics/shipping providers.