The survey conducted by DomainTools at Infosecurity Europe shows an excellent rate of phishing website detection, but one Google site still manages to trick security professionals
LONDON - June 26, 2019 - Today, DomainTools, the leader in domain name and DNS-based cyber threat intelligence, announced the results of a survey conducted at this year’s Infosecurity Europe. The survey found that 92% of respondents successfully identified a Netflix phishing site, 91% an Apple site, 89% an eBay site and 89% an Amazon site. Only one phishing website included in the survey proved a significant challenge for security professionals, with 48% of the 265 respondents unable to successfully tell apart the false Google credential webpage from the legitimate one:
The phishing webpage, which was originally found by security researcher Mustafa Al-Bassam and shared via Twitter, was by far the most successful phishing webpages included in the survey, with other webpages aiming at spoofing other well-known brands being easily identified by a large majority of respondents.
“The results of this survey show both cause for celebration, and for concern”, said Corin Imai, senior security advisor at DomainTools. “The good news is that the security industry successfully identified most scams with ease; security professionals have taken it upon themselves to train users and it’s encouraging to see the fruits of our labour. However, it only takes one successful phishing campaign to mimic a well-known brand to capture victims’ credentials and PII. Cybercriminals will simply do what they have always done and follow the example of this Google webpage in making their scams ever-more convincing. If these campaigns are successful, they will continue.”
Those who identified as PR and Marketing people were the most successful group by job type at identifying the Google scam, with 55% correctly choosing the phishing site – narrowly beating security researchers at 52%. Those who identified as C-Suite members were the least successful, with only 17% of them choosing the correct image.
Subverting traditional beliefs about the older generations and computer-literacy, the most successful age group at identifying the Google phishing site were the over 50s, 63% of whom identified the correct image.
This survey was conducted at Infosecurity Europe 2019 at Olympia London , from June 4th-6th using Survey Monkey.
About DomainToolsDomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at http://www.1081377.com or follow us on Twitter: @domaintools.