More than 100,000 new phishing sites were created last week alone, according to IBM’s X-Force content research team.
The company identified, studied and classified more than 114,000 brand new phishing sites between June 11 and 18.
According to the findings, 99.8% of all these sites came from automated phishing kits. Only 0.2% of the sites identified did not appear to follow an automated deployment strategy for their phishing attack.
Gunter Ollmann director of security strategy for IBM ISS said there has been a colossal increase in the number of phishing sites with organised crime behind them. “To be able to produce that amount of phishing sites and all the spam that goes with it means this is well organised,” he said.
He said that the mid-sized US Regions Bank had been the subject of a particularly large number of attacks.
Patricia Martin, vice president director public relations at the bank, said that like many financial institutions and e-retailers in the US, Regions Bank has been victim of phishing attacks for the past several months.
She added that there have been a high number of attacks on business bankers involving several US banks since mid-May. “The FBI and the US Department of Justice are investigating and say this is the biggest attack they've seen. A very small proportion of our InterAct Treasury Management Services customers have been the victims of this spate of e-mail fraud.”
"We are working with law enforcement and with our clients to recover the funds and track down the criminals."
“I believe whoever is committing these attacks is doing so to take advantage of the fact that too many customers are still not aware of phishing or the signs that can warn them away from fraudulent e-mails. I base this opinion on the fact that Regions was just one of many banks whose brand was hijacked in this latest caper, and those banks are not going through a merger,” said Martin.
Phishing increases >>
Anti-phishing tool pays off at Nationwide >>