Phishing scams increased by more than 100% in October causing banks, financial services firms and popular consumer websites until grief.
Phishing sites – the practice of making sites that look and act like popular sites such as banks in order to steal personal information from customers – rose from 543 sites in September to a mind boggling 1,142 sites in October according to the Anti-Phishing Working Group (APWG).
Phishing occurs when con merchants send fraudulent e-mails to customers to lure them to websites that appear to be the home page of a well-known financial institution. The e-mails instruct the customer to leave account information on the site, which the scammers then use for identity theft.
Peter Cassidy, secretary general for the APWG noted that phishing emails have seen a rise of roughly 36% per month, to a total of 6,600 separate messages being sent to tens of millions of users in October. “Organized crime has embraced this technology and automation has increased the availability of phishing technology,” he said. “They´ve become much more sophisticated.”
IT Observer noted just last week that organized crime’s involvement in phishing and other scams was seeing a dramatic rise.
The financial services industry has taken the biggest hit. Last year phishing scams cost banks and credit-card companies $10.2bn (Ј5.4bn), according to a recent Gartner report.
Banks are trying to fight phishing by educating customers about spoof e-mails. Several banks include information about phishing on their websites and in monthly statements.
But user education can only go so far, as scams are advancing more rapidly than users can keep up. As a result, several banks are also developing and releasing software that consumers can download which helps to guard against phishing attacks by scanning pages for similarities to the financial institution’s homepage.
The group is also warning companies and users of a new form of phishing that runs a script just when an e-mail is opened. Cassidy said the new technique had only been detected in Brazil, but was probably being tested for wider deployment.