June 30, 2014
Phishing Scams Continue Upward Trend In First Quarter 2014
Peter Suciu for redOrbit.com - Your Universe Online
Cyber criminals have continued to cast a line and looked to lure in unsuspecting computer users as phishing scams saw a sharp increase in the first quarter of 2014. According to the Anti-Phishing Work Group (APWG) there was a 10.7 percent rise in phishing-related cyber-crime over the previous quarter.
This is especially worrisome warns the APWG as the group had previously reported that 2013 was one of the heaviest years for phishing on record, and according to this newly released data, Q1 of 2014 perpetuated that trend, posting the second-highest number of phishing attacks ever recorded in a yearly first quarter. In Q1 there were 125,125 observed phishing attacks, second only to the 164,032 phishing attacks observed in the first quarter of 2012.
"Phishing is a criminal mechanism employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials," the group reminded readers in its latest study. "Social engineering schemes use spoofed e-mails purporting to be from legitimate businesses and agencies, designed to lead consumers to counterfeit websites that trick recipients into divulging financial data such as usernames and passwords."
The group reported an average of 41,738 new phishing attacks per month in the first quarter, and during January there was a reported temporary rash of phishing on virtual servers. The APWG reported that these phishing attacks use a technique where cybercriminals often create and host phishing pages on multiple unique domains all hosted on a compromised web server.
These particular attacks against payment services represented 46.5 percent of attacks in Q1, followed by attacks against banks and financial institutions at 20 percent.
“The number and diversity of phishing targets continued to increase,” said Greg Aaron, APWG senior research fellow and president of Illumintel Inc. “Almost any enterprise that takes in personal data via the web is a potential target.”
The United States also continued to be the top country hosting phishing sites, and this is reportedly due to the fact that a large percentage of the world’s websites and domain names are in fact hosted in the United States. However, the AWPG noted that a spate of phishing hit Turkey-based hosting services in February and March of 2014.
The AWPG's new study found that a total of 557 different brands or institutions were targeted by phishers in Q1 2014, up from 525 in Q4 2013. The number is expected to reach the 681 unique targets that were attacked in the whole of the second half of last year.
According to Luis Corrons, PandaLabs technical director and Trends Report contributing analyst, the percentage of infected computers around the world in Q1 has increased, and currently 32.7 percent of personal computers worldwide were infected with malware, adware or spyware; while malware continued to be a prevalent threat to Internet users.
The countries leading the list are China – with 52.36 percent of computers in the country infected – followed by Turkey at 43.59 percent and Peru at 42.14 percent. Asia and Latin America also continued to be the regions with the highest number of computer infections.
The study found that nine of the 10 least-infected countries are in Europe, with the exception being Japan.