As a company with offices in Northern California it should come as no surprise that many of us are big fans of the Golden State Warriors. And while we watched the Toronto Raptors compete against them in the NBA finals and break our hearts by eventually winning the championship (congratulations to the Raptors and all of Canada), we couldn’t help but think about how Canada is also the top geographic location for phishing attacks. According to a Q1 2019 RSA Quarterly Fraud Report, 52% of phishing attack targets are in Canada while the U.S. was targeted in only 6% of the attacks. This is the one instance where we didn’t mind losing to our northern neighbors.
The 2019 Phishing Trends And Intelligence Report from PhishLabs showed how the country worked its way to number one as phishing grew by 170% in 2018 over 2017 in Canada. The same report stated that the Canadian Interbank Network was responsible for some of the growth.
“Beginning in April 2018, there was an explosion of phishing sites posing as e-Transfer alerts from a Canadian interbank network. Recipients of these phish are told they have received funds — often tax rebates from the Canadian Revenue Agency — and prompted to select their bank and login using a fake version of their normal online banking system.
Normally, phishers are forced to pose as a single financial institution. This reduces the effectiveness of their attack, as many recipients will not be customers of the institution in question. Modeling the interbank network e-Transfer alerts is attractive to cybercriminals because it enables them to target customers of several financial institutions at once, increasing their success rate.”
Vade Secure published their Q1 2019 Phishers’ Favorites report, which also found that phishing attacks against Canadian Imperial Bank of Commerce (CIBC) increased 44%, moving it up nine spots to make it the 10th most-phished brand globally.
If you live and work in Canada (or even if you don’t), traditional domain reputation and URL inspection anti-phishing technologies may not be able to identify today’s fast-moving phishing threats. As an anti-phishing specialist, SlashNext has pioneered a new, unique architecture that employs cloud-based Session Emulation and SEER™ threat detection technology. It uses virtual browsers to dynamically inspect page contents and server behavior in a purpose-built cloud to definitively detect phishing sites in real-time and with extreme accuracy.
SlashNext Real-Time Phishing Threat Intelligence covers all six major categories of phishing and social engineering threats and identifies live zero-hour threats in real-time allowing organizations to respond in real-time with automated blocking through integration with their firewall.
See what phishing threats you’re missing. Contact us for a demo or try SlashNext Real-Time Phishing Threat Intelligence free for 15 days.