Threat actors are increasingly leveraging Google Analytics and other web analytics tools in order to optimize their phishing campaigns, a recent Akamai study reveals. Attackers use these tools in order to keep track of “technical markers, like browser identification, geo-location, and operating system,” that “can help adjust the phishing website’s visibility, and enable more granular targeting.”
An analysis of over 60,000 phishing URLs revealed close to 900 unique tracking identifiers, about 400 of which were connected to unique Google Analytic accounts. The researchers note that in the fight against phishing, infosec professionals should also use analytics in order to better understand phishing campaigns and where they might originate form.
Read more: Cybercriminals using Google Analytics to enhance phishing efforts