Reports of "phishing" crimes surged by almost 200% in
April, a computer security industry group claims.
The Anti-Phishing Working Group (APWG) received reports of more
than 1,100 unique phishing campaigns,, a 178% increase on
March.
The large increase comes on the heels of a 43% rise between
February and March, with financial services and retail
companies being hit particularly hard.
Citibank alone was the target of 475 unique phishing scams in
April. Each of those scams is a separate e-mail campaign that could
contain tens of thousands or millions of fraudulent e-mail
messages.
Citibank did not immediately respond to a request for
comment.
Ebay and its online payment service, PayPal, were also hit hard
in April. Ebay was the target of 221 unique phishing campaigns,
PayPal of 135.
Other leading financial institutions were also frequent targets
of phishing scams, including US Bancorp and FleetBoston
Financial.
While each report recorded by the APWG corresponds to a unique
phishing campaign, the type of phishing attack used may not be new
in every case. In fact, the APWG has evidence that phishing web
pages are being traded online, in the same way that e-mail
addresses are traded and sold by spammers.
The growing problem also points to increasing interest in the
scams by malicious hacking groups and organised crime.
A recent study by Gartner found that as much as 3% of phishing
scams may be successful, resulting in internet users divulging
sensitive information to scam artists.
Based on a survey of 5,000 adult internet users, Gartner
estimated that as many as 30 million adults have experienced a
phishing attack and that 1.78 million adults could have fallen
victim to the scams.
The APWG said in the past that around 5% of phishing scams are
successful, but that figure is based on anecdotal evidence.
Paul Roberts writes for IDG News
Service