German Cyber Security Centre

Phishing emails to Germany’s e-banking customers top 40,000

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email

Germany is marking its 40,000th officially reported e-banking phishing scam in the last decade.

Research from PreciseSecurity.com revealed that Germany has suffered an abundance of damaging phishing attacks targeted specifically at online banking users.

The online security specialists reported that the number of phishing attacks tripled between 2008 and 2010 before hitting it’s first peak of 6,422 cases. While the scam email quantity trend reverted downwards for the next 12 months, it was short-lived as 2014 saw just shy of 7,000 cases reported.

Since 2014, the number of cases has significantly decreased, with reported phishing emails dropping by around 40% year on year to a decade-low of 723 cases in 2018.

Unfortunately while less malicious emails may sound like a good thing, the reality is that social engineers have moved away from their old “Spray and pray” approach and now focus their efforts on concentrated spear phishing attacks, which currently account for over 90% of successful data breaches.

This was made clear by the continuing global rise in detected phishing sites, which sits at 182,465 in Q4 2019, 25% higher than Q4 2018.

The main victims of phishers remains to be SaaS and webmail sites, accounting for 36% of targeted attacks, while the next most targeted (online payments) was significantly further behind at only 22%.

Hackers relentlessly harvest credentials for these sectors, using them to compromise business emails and access organisations’ SaaS accounts.

These findings show us how malicious actors are still getting better at getting through to our human weaknesses and extracting vital and sensitive data.

The need for Security Awareness Training is stronger than ever and educating users on how to spot phishing emails massively reduces an organisation’s threat surface at very little cost.

At Phishing Tackle, we work diligently to provide the most up-to-date Security Awareness Training and simulated phishing to ensure that when your users receive a phishing email, it doesn’t cost them their career or jeopardise your organisation.

If you want to know how many of your users are susceptible to clicking a phishing email (Click-Prone), we created a totally free Click-Prone® Test, find out how many of your users are Click-Prone today!