Phishing Spam Tricks 55,000 Internet Users Every Month

Researchers at BitDefender, an IT security company, report that phishing e-mails have reached 7% of the total spam messages, while the number of people duped with phishing attacks is 55,000 each month.

Describing phishing spam, experts say that they are attempts to get e-mail recipients into revealing their private data like banking login details.

Further, the countries that receive the maximum amount of phishing are UK, Canada and US. Nevertheless, another important country from where phishing messages originate is Russia, mainly because it suffers from lax legislation for Internet crime and a high unemployment rate.

Vlad Valceanu, Head of BitDefender anti-spam Research Lab, said - the phishing scenario during January-June 2009 steadily evolved since phishing mechanisms exploiting Web 2.0 technology targeted people using social-networking sites for implementing consequent attacks. Valceanu further states that attackers created bogus login web-pages to capture users' login data, as reported by MX Logic on August 4, 2009.

Valceanu further said that the most important thing to note was that unlike malware, spam and phishing were universal Internet threats that could be operated on any PC having any operating software or security patch.

For instance, the scam relating to the Twitter Porn Name is a fine case which solicited users to disclose their pet name and the street where they lived.

Usually these names are used as security/backup questions. A cyber crook having an individual's username as well as these clues could easily determine that person's password. This information (password) could be later used to access his account and for sending spam.

Moreover, phishers' key objective to steal people's credentials is to attack wire transfer companies and banking institutions. The most common phishing targets during January-June 2009 were PayPal and Bank of America (BOA), BitDefender reported.

According to the company, a lot of phishing websites are poorly designed in impersonating the actual site with spelling errors and negligent formatting, which could forewarn a visitor that the sites are fraudulent.

However, the recent hoax website of BOA was so impeccably crafted that it suggested that a highly efficient group of phishers were in action, BitDefender said.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 8/24/2009