More than 100,000 new phishing sites were created last
week alone, according to
IBM’s X-Force content research team.
The company identified, studied and classified more than 114,000
brand new phishing sites between June 11 and 18.
According to the findings, 99.8% of all these sites came from
automated phishing kits. Only 0.2% of the sites identified did not
appear to follow an automated deployment strategy for their
phishing attack.
Gunter Ollmann director of security strategy for IBM ISS said
there has been a
colossal increase in the number of phishing sites with
organised crime behind them. “To be able to produce that amount of
phishing sites and all the spam that goes with it means this is
well organised,” he said.
He said that the mid-sized US Regions Bank had been the subject
of a particularly large number of attacks.
Patricia Martin, vice president director public relations at the
bank, said that like many financial institutions and e-retailers in
the US, Regions Bank has been victim of phishing attacks for the
past several months.
She added that there have been a high number of attacks on
business bankers involving several US banks since mid-May. “The FBI
and the US Department of Justice are investigating and say this is
the biggest attack they've seen. A very small proportion of our
InterAct Treasury Management Services customers have been the
victims of this spate of
e-mail fraud.”
"We are working with law enforcement and with our clients to
recover the funds and track down the criminals."
“I believe whoever is committing these attacks is doing so to
take advantage of the fact that too many customers are still not
aware of phishing or the signs that can warn them away from
fraudulent e-mails. I base this opinion on the fact that Regions
was just one of many banks whose brand was hijacked in this latest
caper, and those banks are not going through a merger,” said
Martin.
Phishing increases >>
Call for .safe domain for banks >>
Anti-phishing tool pays off at Nationwide >>