RSA Consumer Solutions Phishing Intelligence Report

By | April 21, 2006

The most notable trend is the very significant increase in the number of non-US banks targeted by phishing in March. Most of the non-US banks that were attacked for the first time in March were German banks. Additional new Spanish and Italian banks were also targeted this month. Please note, that the majority of the phishing volume is still attributed to large US and UK banks.

Segmentation of Banking Brands Attacks by Phishing: 49% Non-US Banks, 23% Regional US Banks, 17% US Credit Unions, 11% Nationwide US Banks.

Breakdown of Attack Hosting Source: US – 59%, UK – 10%, Germany – 8%, S. Korea – 8%, China – 4%, France – 3%, Russia – 3%, Turkey – 2%, Canada – 2%, Sweden – 2%.

Today the US hosts almost 60% of all phishing attacks. Two other “western” countries, the UK and Germany are #2 and #3 in the top-ten list. Why do fraudsters prefer hosting in western countries and not some more distant countries? Main reason: slower ISP action in taking down the phishing sites in these countries (many legal issues in the US, firm rules in Germany and the UK). Interestingly, today taking down a phishing site in China or Korea usually takes less time than taking a site in the US.

Number of Distinct Phishing Attacks per month: January 2006: 3,250 attacks, February 2006: 3,100 attacks, March 2006: 3,400 attacks.

The overall number of phishing attacks climbed yet again towards the 3500 attacks mark in March, after a slight decline in February. Overall, the number of attacks has been relatively stable over the past few months, with the market perhaps reaching a point of balance.

Attacked Brands by Industry Types: 92% – Financial Services, 6% – Online retailers, 1% – ISPs, 1% – Miscellaneous.

The relative shares of the different segments comprising the total phishing volume remained relatively the same during March. The share of financial institutions has increased a bit, while the share of online retailers decreased. It seems that fraudsters do not see the online retail world as ´interesting´ enough to attack while targeting banks is easier and more profitable.

Leave a Reply