Akamai secures and delivers digital experiences for the world’s largest companies. Akamai’s intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps, and experiences closer to users than anyone — and attacks and threats far away. Akamai’s portfolio of edge security, web and mobile performance, enterprise access, and video delivery solutions is supported by unmatched customer service, analytics, and 24/7/365 monitoring. To learn why the world’s top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global contact information at www.akamai.com/locations.

Published 08/19.

A PROFITABLE PHISHING INDUSTRY

Application-Layer Attacks Become More Frequent

SUBSIDIARY DDOS ATTACKS
Criminals use high-density DDoS attacks to distract security teams from credential stuffing and web attacks

AUTOMATED CREDENTIAL STUFFING

Download the full report for a more complete tour of the financial services criminal economy

[state of the internet] / security
Financial Services Attack Economy
Volume 5, Issue 4

GOING WHERE THE MONEY IS
A brief tour of the financial services criminal economy

THE FINANCIAL SERVICES SECTOR ATTRACTS A SIGNIFICANT SHARE OF CRIMINAL ACTIVITY

CONCENTRATED WEB ATTACKS
4 Vectors Account for 94% of Web Application Attacks
SQLi: 41.63%
XSS: 9.88%
LFI: 40.63%
OGNL Java Injection: 2.08%

New phishing domains detected December 2, 2018 – May 4, 2019
197,524
New phishing domains detected in this period that targeted financial services consumers
34%
Lost to the Business Email Compromise (BEC) phishing variant in 2018
$13.2 billion
7,378,074
Global malicious login attempts
6.1%
Unique DDoS targets
42.2%
Web application attacks
9.2%
Consumer-targeted phishing domains
50%

Repelling a SYN-ACK attack once landed financial institution IP addresses on a blacklist of malicious actors, bringing reputational damage on the spam registry

Total failed login attempts against financial institutions observed over a 14-day period
37% of logins authenticated via OFX v1.x failed
33% of logins failed

New State of the Internet / Security Report
Financial Services Attack Economy

DDoS Attack Density Measured in Bits per Second
1,735,264,281 Median bps Financial Services
1,016,437,307 Median bps Other Industries

DDoS Attack Density Measured in Packets per Second
530,723 Median pps Financial Services
170,085 Median pps Other Industries

Why Credential Stuffing Attacks Work
Recycled Passwords

Why Accounts Are Targeted
Same email address or username discovered in multiple breaches

#1 REASON

A high percentage of failed logins is evidence of credential stuffing attacks. For more evidence, download the full State of the Internet / Security report here.

“I received an email from my bank telling me that my services online and via phone were suspended ... due to multiple attempts using [incorrect] credentials …”
— Steve Ragan, Sr. Technical Writer, Editor, State of the Internet / Security