Cyber Criminals Expanding Targeted Brand Base
The phishing Activity Trends Report for Q4-2009 by APWG (Anti-Phishing Working Group) suggests that cyber criminal gangs are expanding the variety of reputed organizations they attack. This 'brand-type' broadening is being done much beyond leading online merchants and financial institutions. A peak of 356 brands were hijacked during October 2009, representing a high 4.4% in comparison to the earlier highest number of 341 during August 2009.
Commenting on this discovery, Peter Cassidy (Secretary General of APWG) stated that every brand was at risk of being spoofed to fulfill objectives of cyber deception. Earlier cyber criminals targeted only the biggest financial institutions, particularly banks. Now all types of brand institutions from credit unions and banks to charities and hardware manufacturers are being exploited in fraudulent schemes, said Cassidy, as reported by Sys-con on March 7, 2010.
APWG said that while the reports of number of phishing attacks received by APWG during Q4-2009 dropped almost 29% from the peak 40,621 during August 2009 to 28,897 during December 2009; there was another trend that the statistics didn't clearly reveal. As per the research analysis and reports submitted to APWG during Q3-Q4 2009, there was an enormous rise in phishing attacks chiefly against high-value targets like treasury employees.
Dave Jevans, Chairman of APWG, states that whale-phishing and spear-phishing targeted against individuals (who have an access to high-value data or in corporations) seem to be rising, as reported by Internetnews on March 5, 2010. Jevans further states that the types of attacks don't add much to the general count of distinct phishing e-mails since they usually don't utilize broad-based spam.
The Chairman noted that the modern trend for phishers' gangs was to tailor their e-mails together with the related texts for targeting individuals. APWG and law enforcement agencies compute that these gangs number some 3 dozens globally.
According to the report, the total number of spoofed URLs or phishing websites increased to 185.50/targeted brands during December 2009 from 130.68/targeted brands during October 2009. This demonstrates that phishers aren't only attacking the higher hierarchies in corporations but also deeper into their online operations.
Related article: Cyber Child abuser Sentenced To Imprisonment
» SPAMfighter News - 15-03-2010