Individual Post Archive
« Tesco wades in to web phone calls | Main | The business transformation journeyCanada Post focuses on people and processes »

January 19, 2006

Phishing Attacks Hit All-Time High

Phishing Attacks Hit All-Time High - Yahoo! News

Elizabeth Millard, newsfactor.com Thu Jan 19, 4:29 PM ET

The Anti-Phishing Working Group (APWG) is saying that phishing attacks are more rampant now than ever, especially after last year, which saw steady growth of the online fraud.

The number of unique fraud attacks launched over e-mail in November 2005 was nearly double that of November 2004, according to the industry group.

Although phishers continue to stick to some tried-and-true tactics -- such as using the names of financial institutions to trick people into giving up their account information -- they also have started using the names of other brands, like eBay, Google, and Apple.

The number of major brand names targeted increased from 64 to 93 over the course of the past year, the APWG claims. Also increased is the number of Trojans used by phishers, particularly those pieces of malicious software that are carrying keylogger programs.

Serious Problem

The continued rise in phishing attacks shows increasing sophistication in strategy as well as more organized efforts among online criminals, said Dave Jevans, APWG chairman.

"We're a long way from the days when attacks on systems were done to show off," he said. "With the motivation today being money, that creates a different kind of attacker."

Often, he said, phishers are highly organized and very technologically savvy in using remote-controlled zombie machines to launch their attacks.

As Internet users become more aware of potential scams involving financial institutions, phishers have been broadening their tactics to include messages purporting to be from well-trusted companies like Apple.

"Basically, if they think it'll work, they'll try it," said Jevans. "So many companies send e-mails out to users with information about their account settings, and phishers see that as an opportunity to cash in."

Changing the Filter

The APWG is keen on educating users to help reduce the phishing threat. And, as users become slowly more aware of the problem and take protective measures, other organizations have launched some technological efforts to tackle the phishing problem.

For example, the recently released Thunderbird e-mail client, version 1.5, has a built-in phishing detector to flag suspicious e-mail messages.

Other e-mail applications and Web browsers have begun to implement phishing protection as well, and the industry as a whole has been calling for stronger forms of e-mail authentication.

January 19, 2006 at 10:50 PM in Phishing & identity theft | Permalink | TrackBack (7) | Top of page | Blog Home