Skewed Statistics Appear to Inflate Phishing Attacks
Security software firms are putting efforts to clamp down on phishers at risk by presenting skewed statistics that make the problem seem insurmountable, according to experts.
Cambridge University research shows that a single gang, Rock Phish, runs half of the 35,518 sites that were reported as phishing sites between February and April 2007.
Because software suppliers project a high rate of single incidents, police are discouraged from investigating the origin of the attacks, says Richard Clayton, co-author of the report and advisor to the House of Lords Committee on Internet security. IT Week published Clayton's statement on June 7, 2007.
While security vendors welcome inflated statistics that make phishing look like a serious problem, the police will not give investigation enough priority if the attacks appear to be many small-scale ones rather than the work of a single large gang, Clayton added.
In Clayton's view, pursuing the Rock Phish attacks would significantly narrow the problem. Rock Phish attacks use techniques that evade new anti-phishing tools. Both Firefox and IE warn users when they try to visit a website blacklisted by security experts. Rock Phish attacks thwart this blacklisting technique by creating a number of unique Web addresses for a single attack, which lets them evade the phishing filter.
It is believed that Rock Phish attackers pioneered the use of images to defeat spam filters that block scam and junk e-mails composed mainly of text. The prevailing theory is that those responsible for these skilled phishing attacks make a lot of money, so they would not allow anyone to interfere with their efforts.
While the number of incidents is growing, it does not necessarily mean that the number of criminals is also increasing. Because phishing techniques involve automatically generating a different site when one site is closed down, the figures may be misinterpreted. The number of phishing sites appears to show that there are that many criminals operating, but the situation is not as bad as security vendors portray, said Andy Muddimer, head of Internet banking at Alliance and Leicester, in a statement that IT Week published on June 7, 2007.
» SPAMfighter News - 20-06-2007