How Does Phishing Work?

Phishing is an attack method used by cyber-criminals to covertly obtain the personal identity data and credentials of consumers through the use of social engineering and employment of malicious software. Social engineering methods deceive recipients into disclosing their credentials (such as usernames and passwords) and/or other personal data by using emails that imitate legitimate businesses and agencies. These emails direct users to log into fake websites. Criminals also use another method where malicious software is planted directly on consumer PCs, often using systems to capture usernames and password keystrokes. This method also leads users to end up on fake websites, or even legitimate-looking websites through proxies that are being monitored by the cyber-criminals.

The Impact and Penetration of Phishing Attacks by Method

Phishing attacks by distribution are becoming more sophisticated.

Emails – When being composed and sent, the emails are becoming more deceptive with an increase in domain spoofing to appear legitimate to consumers receiving the emails.

Hacked websites – Criminals observe behaviors and responses from where the content is hosted and from take down providers.

Hosted sites –  Criminals are choosing to register domains specifically for the purpose of attacking a legitimate brand. Criminals register domain names similar in nature to the business they are trying to compromise, and users are more likely to fall victim to these attacks.

Phishing is a world-wide problem, and FraudWatch International has many clients across the globe that we provide cyber security services to. Criminals target banking institutions for the obvious financial gain, and one of our UK banking clients found themselves becoming a major Phishing target with quite a number of issues to deal with.

In 2017, 88% of the Phishing attacks/incidents that occurred affected our clients from the financial sector. FraudWatch International have also observed an increase in Phishing attacks/incidents for our clients in the Payment Services sector.

Before signing up with FraudWatch International, the UK bank was receiving numerous reports from customers whose credentials had been stolen. This resulted in financial loss for the bank, an impact on brand reputation, and aggravated customers. Phishing sites, which were impersonating their business, would stay active for days, sometimes weeks, which meant their customers remained at risk of falling victim to the attack, even after the threat had been identified.  They needed help to neutralise the attack. The client came on board with FraudWatch International in 2015.

Since then FraudWatch has taken down over 2,600 Phishing incidents that were targeting this client and we have maintained a takedown median of 2 hours and 50 minutes.

This quick response time has reduced the impact of customers falling victim. The chart below shows the trends of incidents for this banking client.

Monthly Comparison of Phishing Incidents


FraudWatch International takes a three-part approach to combating Phishing online:

1. Detection – Phishing attacks need to be found as soon as possible. FraudWatch International offers proactive monitoring and works closely with clients to enable them to find Phishing attacks as early on in the attack chain as possible – in some cases before Phishing emails are even sent out to consumers.

2. Assess – Once a Phishing attack has been discovered, our team will review and decompile the attack to understand all attack vectors and ensure we are mitigating all attack points.

3. Takedown – FraudWatch International follows a tried and tested process to ensure that all phishing attacks are taken offline in the quickest possible time.

FraudWatch International provides industry leading takedown times resulting in less time that your brand is being exposed to criminal impersonation. Our Anti-Phishing services provide peace of mind not only for businesses, it’s protection and security for their clients as well.