Fortra’s Q2 2024 report has unveiled a series of concerning trends in the digital threat landscape, analyzing hundreds of thousands of attacks on enterprises, their employees, and brands across domains, social media, counterfeit websites, and the dark web. The findings provide valuable insights for security leaders to better understand the evolving tactics of threat actors and implement proactive measures to mitigate risk.
Rise in Domain Impersonation Attacks
The report highlights a rise in domain impersonation attacks, with brands facing an average of 73 look-alike domain attacks per month, peaking in May 2024 at over 80 attacks per brand. Despite fluctuations, this represents a significant increase from the previous quarter.
Additionally, Fortra’s analysis showed that nearly 47% of phishing sites in Q2 were hosted on Legacy Generic Top-Level Domains (gTLDs) like .com, .org, and .net, despite a 7% decline in shared abuse. The .com domain alone accounted for almost 40% of phishing activity. The report also identified a sharp rise in the use of new gTLDs such as .dev, .vip, and Russia’s .ru, marking an evolution in how threat actors stage their attacks.
Spike in Social Media Attacks
Social media is a growing battleground for cyber threats, with brands facing an average of 138 attacks per month, a significant 60% increase from Q1. May saw a dramatic spike, with nearly 160 attacks per brand, a 27% jump from earlier in the quarter. These attacks include fraud, impersonation of corporate brands or executives, and cyber risks such as hacking attempts and counterfeit product promotions.
The increasing reliance on social media platforms, particularly among younger demographics, has amplified the threat surface, making detection and monitoring on these channels critical for organizations.
Counterfeit Sites on the Rise
Counterfeit websites targeting enterprises surged by more than 50% from the previous quarter, with brands experiencing an average of 11 attacks in May alone, an 18% increase compared to April. These counterfeit sites often mimic reputable brands to deceive customers and expose them to security risks like malware or phishing attempts.
Dark Web Threats: Fraud Tools on the Rise
On the dark web, researchers observed that 93.8% of all threats revolved around credit card data and fraud tools. Despite an 8.3% decline in stolen card data activity, it still accounted for nearly 70% of threats in Q2. Notably, the growth of fraud tools—designed to compromise corporate environments—more than doubled, emerging as the fastest-growing dark web threat.
Fraud tools, stolen account credentials, and cyber risks continue to plague businesses, with the majority of stolen data being sold through carding marketplaces and chat-based services. The dark web remains a critical avenue for threat actors looking to monetize stolen information.
To read the full report, click here.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.