According to RiskIQ’s Q3 2017 report on the subject, the firm scanned 53% fewer advertisements containing a blacklisted incident—phishing, scams, exploit kits and malware—than in Q2, reversing the trend from the second quarter, which saw a 19% increase in total malvertising over Q1.
Exploit kits have continued to decline, but malware, which decreased by almost 45% last quarter, was the only type of malvertising to increase in Q3. Meanwhile, phishing, which rose over 100% last quarter, experienced a considerable decline, which could mean attackers thought it wise to pivot from trying to trick users into clicking on deceptive ads that may lead to pages requesting sensitive data to dropping malware instead.
“Although our data shows a 21% drop in scams (disingenuous advertising), it continues to be a favorite tactic of threat actors—RiskIQ detected almost 990,000 incidents in Q3 and profiled several new tactics,” the firm said. “Scammers drive immense amounts of valuable traffic to their sites via vast scam networks. Their fraudulent landing pages (take a survey to win a free PlayStation!) are often ignored by typical malvertising detection methods because of the gray nature of their payloads but can grow to enormous sizes and degrade the quality of the internet.”
RiskIQ also recently released its Q3 2017 phishing trends report, showing that its research team observed 931,665 unique blacklisted phishing URLs.
Of these, 27,868 were unique domains, down from the 39,320 in Q2. In fact, overall detections decreased slightly in Q3—RiskIQ observed a total of 279 brands targeted by phishing campaigns in Q3, down from the 316 in Q2.
“This is because the nature of phishing campaigns is cyclical,” the report noted. “While the method and frequency of phishing campaigns vary, the threat remains consistent.”
One constant is the Top 10 brands being observed, all but three of which are the same between Q2 and Q3. As for the new brands, two are large financial institutions, and the third is a social media platform.
In terms of segments, financial services (accounting for 40% of targets) and digital transaction brands (20% of targets) continue to be favorite targets. Social media platforms made up 10% of targets, as did cloud storage providers. Large tech companies accounted for 20%.