Research from BforeAI reveals recent trends in phishing and spoofing in the financial industry. Between January and June 2024, 62,074 registered domains with financial keywords were observed. Among observed domains, 38,737 (62%) were determined to be connected to phishing attacks that target legitimate institutions through spoofing websites.
The report suggests that the rise in phishing and spoofing attacks is due to the accessibility and ease of use for phishing kits. Deepfake technology also increases the ease of spoofing for many malicious actors.
Well-known financial entities were common targets, suggesting that malicious actors tend to target high profile brands. Meanwhile, smaller firms tend to be harder to spoof. This is often because spoofing attacks on smaller firms are easier to spot and address. Moreover, the reach of such an attack would be limited compared to a larger firm.
The research warns of the following potential ramifications for businesses impacted by a phishing or spoofing incident:
- Financial loss
- Strain on security posture
- Damage to brand reputation or customer trust
