Cybercriminals using Google Analytics to enhance phishing efforts
A report from security firm Akamai found that hackers were using analytics services to optimize their phishing efforts.
Cloud security firm Akamai released a new report on Wednesday showing cybercriminals are using Google Analytics and other tools to measure the effectiveness of phishing campaigns.
According to Akamai researcher Tomer Shlomo, about 56% of all internet websites use web analytics, giving phishing kit developers ample opportunity to access troves of detailed reports with a variety of statistics like page views and geo-locations as well as other general user behavior information.
“As phishing has evolved over the years, criminals have learned that technical markers, like browser identification, geo-location, and operating system, can help adjust the phishing website’s visibility, and enable more granular targeting,” Shlomo wrote in the report.
“In order to evaluate these metrics, kit developers use third-party analytic products, such as those developed by Google, Bing, or Yandex, to gather the necessary details,” he added.
SEE: Phishing attacks: A guide for IT pros (free PDF) (TechRepublic Premium)
Framework developers, who make up a large portion of the phishing ecosystem, buy kits that help them steal credentials and gain access to private data. In order to make these attacks more effective, these developers are looking to build efficient attack flows.
Shlomo explained that these attack flows should be simple, like opening an email or clicking a link on a social media post, visiting a phishing website or completing the attack by sharing data like passwords.
These analytics help hackers hone in on specific people and tailor their…