Posted on 10 Aug 04
The following article first appeared in INFORMATION WEEK and contains information important to every Internet user.
Phishing attacks were back up in June, the Anti-Phishing Working Group said Tuesday, as the scams that continue to plague users and steal millions from financial institutions climbed to all-time records.
The group, an association of more than 250 companies, tracked 1,422 new unique phishing attacks in June, an increase of 19% over May's 1,197, and more than 25% higher than the previous month's record.
The average number of attacks per day was up even more: 47.4 in June versus 38.6 a day in May. In an earlier report this summer, the group noted that while May's first few weeks were thick with phishing scams, schemers seemed to take a vacation around Memorial Day. That vacation, obviously, is over. For the year so far, phishing has been growing about 52% per month. No wonder the scams are getting the attention of users and the financial organizations victimized by the attacks.
The solution, said the group, lies in sender authentication, a scheme in which E-mail essentially "proves" to the recipient that it came from where it said it came from. "As phishing attacks continue to increase at a rate of more than 50%, enterprises must turn to authentication-based technologies," said Jeff Smith, CEO of Tumbleweed, the founding firm of the Anti-Phishing Working Group.
The Internet Engineering Task Force is meeting in San Diego this week and is expected to approve the Sender ID standard, a blending of Microsoft's Caller ID and the Sender Policy Framework protocol, by Friday.
Shutting down address spoofing may be the best way to stop phishing, said the anti-phishing group's report, since 92% of all phishing E-mails use bogus addresses.
In other analysis of phishing figures, the APWG noted that the average "life span" for a phishing site is a mere 2.25 days, an indication of how fast scammers cut and run--and thus how difficult it is to track them down. And for the first time, the group also did an in-depth analysis of a single phishing attack.
Over a 12-day run during late June and early July, two banks were hit with identical attacks from a series of bogus sites hosted in multiple countries--including the United States, Uruguay, and South Korea--with the sites shifted daily during four of the days of the attack.
"This indicates the participation of at least one well-orchestrated, systematic criminal organization in the phishing world," the anti-phishing group's report concluded. The analysis backs up claims by state and federal law enforcement that phishing is linked to organized crime based in Eastern Europe and the former Soviet Union.
The top phishing targets didn't change in June. Citibank again had the dubious honor of being the most hijacked brand, accounting for 36% of all attacks, while eBay, US Bank, PayPal, and Fleet retained their May spots as two through five, respectively.