The number of fishing reports in December 2021, more than 63,000 from the previous month to over 63,000 | TECH+ Mynavi News Mynavi
Changes in the number of phishing reports sent to the phishing countermeasures council from January 2021 to December 2021: Fishing Council
According to reports, the top of the branded brand is Amazon, which accounts for about 27.4%of the total, and is far behind other brands as before.After the second place, Mercari, Sumitomo Mitsui Card, ETC Usage Inquiry Service, JCB, followed by about 88.4%of the total of about 74.0%of the total and more than 1000 reports in the top five brands.It is said that it was occupied.
There are a total of 77 brands that have been abused by fishing, and the number of cracks and bank brands, as before, accounted for many phishing.In addition, in addition to the fact that there are many phishing that seems to be the purpose of the stealing of certification information (IDs and passwords) in e -mail accounts and management accounts, the report of SMS that led a mobile carrier to a fishing site compared to November.It has been pointed out that it has increased tripled.In addition, he received a large number of phishing reports for insurance companies, and also received a fishing report to deceive the water bureau.
In recent months, it has been pointed out that there are many "spoofing" phishing emails using a regular service domain for the source email address, but in December it has received many reports.Currently, the phishing measures that are mainly introduced in Japan are SPF (Sender Policy Framework), which uses the sender as the criterion, but this alone is insufficient, so DMARC (Domain-Based Message (Domain-Based Message) that realizes stronger spoofing measures.It is recommended to introduce measures corresponding to authentication protocols called Authentication, Reporting, and Conformance).
As for the user, when using the service that you usually use, instead of clicking on the email link, you will be carefully noted, such as logging in from a regular app or a regular URL with a bookmarked.You need to take it.In particular, if you are required to input credit card information, mobile phone number, authentication code, account information, one -time password, etc., the phishing council will call again so that it is a phishing before entering.ing.
It is thought that the website used for fishing fraud was created by copying the contents of the formal website, and it is difficult to distinguish it at first glance.In order to confirm the truth, it is desirable to perform operations such as accessing the official app or bookmark registered in the web browser, rather than following the link contained in the email or message.。