resource
Life Cycle of a Scam
Understanding the scam lifecycle is important for creating a strong cybersecurity plan. This plan will protect your customers and your profits.
Before First Invite Goes Out
Attacker sets up website and tests 27 minutes before first communication goes out to targets.
25% of Victim Visits Occur
Over the first 4 hours a quarter of the total scam victims will have fallen prey.
50% of Victim Visits Occur
Half of the victims have had their credentials stolen.
9 hours and 51 minutes
Anti-phishing ecosystem lists site as malicious.
Someone does not block access. Victims continue to engage.
Hours 10 - 18
90% of Victim Visits Occur.
At this point almost all victims have shared their credentials.
Hours 18 - 23
Last Victim Visit.
In less than 24 hours, someone steals the last victim’s credentials. This is typically where the lifecycle of a scam ends.
Impact After the First 24 Hours
5 days, 14 hours, 48 minutes
First fraudulent transaction using stolen data.
7 days, 7 hours, 19 minutes
Compromised credentials found in “dump” on the dark web.
Related Articles
-
SharkBot Mobile Banking Trojan Embedded in Banking AppIn a recent mobile malware scan for one of our partners, Allure Security...
-
How to Handle Parked DomainsWhat is a Parked Domain? Many brands are unsure about parked domains with...
-
Webinar: IT Leaders on Online Impersonation FraudSecurity against the Rising Threat of Impersonation Scams Cybersecurity remains a back-and-forth contest...
-
Fraudsters Abuse Dynamic DNS Subdomains For PhishingAllure Security has noted an increase in scammers utilizing dynamic DNS (DDNS) services....
-
Damn Filters Recovers from Poisoned Search Engine ResultsPoisoned Search Engine Results Damn Filters, a leading company in Kansas, sells online...
-
How to Takedown Fraudulent WebsitesWebsites imitating and misrepresenting your brand can lead to your customers and prospects...