Online phishing schemes increased significantly in October as financial institutions struggled to combat attempts to steal
private account information from online consumers, according to the Anti-Phishing Working Group (APWG).
Last month, 1,142 sites were used for phishing, up 110 percent from the 543 sites reported in September, according to the
report issued this week by the APWG, a consortium of law enforcement, financial institutions and computer-security firms that
tracks the online attacks.
Almost 6,600 different phishing messages were reported to the group in October. The number of unique phishing e-mails has
grown an average 36 percent each month since July, said Peter Cassidy, secretary general for the group. "Organized crime has
embraced this technology and automation has increased the availability of phishing technology. They've become much more sophisticated,"
he said.
Phishing occurs when scam artists send fraudulent e-mails to consumers to lure them to Web sites that appear to be the home
page of a well-known financial institution. The e-mails instruct the consumer to leave account information on the site, which
the scammers then use for identity theft. According to the Federal Trade Commission, more than 10 million Americans were the
victims of identity theft last year, with an estimated 57 million Internet users receiving a phishing e-mail.
The financial services industry has been the hardest hit. A phishing e-mail making the rounds last month was designed to appear
to be from Citicorp, one of the nation's largest banks. Last year phishing scams cost banks and credit-card companies $10.2
billion, according to a recent Gartner report.
Banks are trying to combat phishing by educating their consumers about "spoof" e-mails. Several banks include information
about phishing on their Websites and in monthly statements. The APWG has been expecting the phishers to begin targeting regional
and local banks with their attacks, but that has yet to occur, noted Cassidy. "The phishers have not really broadened their
attacks beyond established brands such as Citicorp and Bank of America," he said. The number of brands subjected to the largest
numbers of phishing attacks did increase, rising from four in July to six in October. "Yet, you would really expect it to
be more. We think that will happen, but that is taking a little longer than we expected," said Cassidy.
The APWG is also warning companies and users of a new form of fishing that runs a script just when an e-mail is opened. The
new technique has only been detected in Brazil, but is probably being tested for wider deployment, said Cassidy.
In August, the Justice Department said it had arrested, charged or convicted more than 150 people related to criminal activity
on the Internet. Many of the cases centered on phishing schemes. The FBI has reorganized its efforts to combat cyber crime,
in large part because much of the illegal internet activity comes from international crime rings.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
