Almost half of all phishing attacks, which involved fraudulentemail messages or copycat websites that appear legitimate,registered in 2016 by heuristic detection technologies looked tosteal their target's funds.

Last year, Woburn, Mass.-based Kaspersky Lab's anti-phishingtechnologies detected almost 155 million user attempts to visitdifferent kinds of phishing pages.

Of those, almost 50% of heuristic detections attempted to visita financial phishing page, i.e. where the aim was to obtainvaluable personal information from users, such as financial accountnumbers, credit accounts, social security numbers, and login andpasswords to access online banking.

The cybercriminals intended to use this informationto steal money from their victims. This is the highest share offinancial phishing registered to date by Kaspersky Lab.

Compared to 2015, the amount of financial phishing attacksincreased by 13.14% in 2016 to comprise 47.48% percent of allphishing attacks blocked by heuristic detection technologies.

Banking phishing schemes are the absoluteleaders among all types of financial phishing.

Every fourth (25.76%) attack used fake online bankinginformation, or other content related to banks – a result that is8.31% higher than in 2015.

The share of phishing related to payment systems and e-shopsaccounted for 11.55% and 10.14% respectively, an increase of 3.75%and 1.09% compared to 2015. The share of financial phishingdetected on MacOS computers was 31.38%.

“It's clear that financial cybercriminals are increasingly onthe look-out for new ways to exploit users and extract money fromthem,” Kaspersky reported in its blog.

Financial phishers, according to Kaspersky Lab, are particularlykeen to use data related to top multi-national banks, popularpayment systems and internet shops and auctions from the U.S.,China and Brazil in their scams.

The list of brands used stays the same from year to year, astheir popularity remains high and they are therefore a lucrativetarget for cybercriminals.

In 2016 the number of users attacked with malware targetingfinancial data started increasing once more, following a decreasein 2014 and 2015. In 2016 the number of users attacked with bankingTrojans increased by 30.55% to reach 1,088,900. Some 17.17% ofusers attacked with banking malware were corporate users.

Attacked most often by banking malware: users in Russia,Germany, Japan, India, Vietnam and the U.S. The most widespreadbanking malware family: Zbot with 44.08% of attacked users.

“Financial phishing has always been one of the easiest ways forcybercriminals to earn illegal money,” Nadezhda Demidova, seniorweb content analyst at Kaspersky Lab, said.

“You don't have to be a skilled programmer, and you don't haveto invest lots of money into supporting infrastructure. Of course,most phishing schemes are easy to recognize and avoid, but judgingby what we see in our statistics, lots of people are still notcautious enough when it comes to dealing with financial dataonline. Otherwise, we wouldn't have seen so many attacks in2016.”

In order to protect themselves from phishing, Kaspersky Labexperts advise users to take the following measures:

1. When paying online always check the legitimacy of the website.HTTPS should protect the connection, and the domain should belongto the same organization.
2. Always check the legitimacy of emails that come from famousbrands. Even if it encourages someone to do something urgently,like change a password.
3. Don't click the links in emails or web-pages if you have doubtsabout their legitimacy.
4. Use a proven security solution with behavior-basedanti-phishing technologies that can identify even the most recentphishing scams.