The CSIRT KNF team reported 51,241 phishing domains to CSIRT NASK for blocking in 2024, which is an increase of approx. 70% y/y – the Computer Security Incident Response Team of the Polish Financial Supervision Authority reported in its annual report. CSIRT KNF also reported 45,985 dangerous domains related to fake investments.
The growing scale of threats faced by cyberspace users is shown by the growing number of phishing domains detected by CSIRT KNF (a cyberattack that involves extorting confidential data from users – PAP). The number of identified, fraudulent domains increased from 17,200 in 2022 to 30,140 in 2023 and to 51,241 in 2024.
In addition, in 2024, CSIRT KNF reported 10,951 fraudulent ads in social media to be blocked. The largest number of ads of this type was recorded in May (1,699) and July (1,455), while the fewest were in March (436) and December (432).
It was also indicated that CSIRT KNF reported as many as 45,985 dangerous domains related to fake investments, which constitutes 89.4 percent of all reported domains.
“Advertisements of fake investments identified by CSIRT KNF constitute one of the main threats aimed at users of the financial market in Poland. This type of attack consists in encouraging the victim to invest their savings in projects or investment products that do not actually exist,” it was written.
As reported, images of politicians were most often used for this purpose, constituting 26 percent, while celebrities constituted 14 percent of domains reported by the team promoting fake investments, State Treasury companies 11 percent, while entrepreneurs constituted only 6 percent.
“A large part of the advertisements for fake investments were also frauds related to the use of the motive of recovering lost funds. A large part of the advertisements concerned the use of images of State Treasury companies. The smallest percentage were crimes in which cybercriminals used the image of influencers, banking institutions or the Tesla company,” it was written.
It was also pointed out that fake surveys were a growing threat in 2024. In 2024, CSIRT KNF identified 4,030 such domains, which is the second most common type of fraud in the Polish financial sector.
“This is a significant increase compared to previous years,” it said.
In addition, in 2024, CSIRT KNF identified 175 domains related to banking fraud.
“Cybercriminals impersonated financial market entities on the websites they created and used them to steal login data for electronic banking,” it was written.
The report also indicated that the most significant vulnerabilities in IT systems that were actively used in campaigns conducted by threat actors (a person or group that tries to undermine or violate the security of data and systems – PAP) in 2024 include security gaps identified in the products of the following companies: Ivanti, Fortinet and Zimbra. (PAP Biznes)
mcb/ ana/