Phishers Escalate Operations during Festive Season Purchases

According to Internet security firm SonicWALL Inc., the buying frenzy this holiday season is expected to cause a surge of phishing attacks at the start of 2008. Seasonal data that SonicWALL collected indicate that such attacks had increased two times from the third quarter to the fourth quarter in 2007.

Senior Product Marketing Manager for SonicWALL, Andy Klein, said that the phishing operations are likely to start in the second week of January 2008 and end by the middle of February next month. They would also take place at the time when credit card statements reflecting the holiday transactions begin to arrive. Scmagazineus published it in news on January 10, 2008.

However, the classical previously leading trends show a more pronounced prevalence in 2008. In addition, phishers are now better able to optimize their assaults by understanding people's purchasing patterns and interposing themselves at an appropriate time to maximize criminal deception.

In the season of giving gifts during November-December 2007, people who normally only purchase limited items on credit cards suddenly indulge in multiple transactions. Also, they make payments through various financial instruments that make them unable to remember all the items they purchased and the payment methods they used. In such situations of uncertainty, consumers turn vulnerable to cyber criminals' trickery.

Security researchers further said that scammers have been preparing for the January 2008 phishing attacks by utilizing the months of November-December 2007 to collect active e-mail addresses of possible victims.

While there had been a slight increase in traditional spam in the fourth quarter of 2007, the true increase was observed in Directory Harvest Attacks in which e-mail addresses are gathered. Such attacks jumped nearly twofold from the third quarter to the fourth quarter in 2007. This massive growth in Directory Harvest Attacks has increased the volume of spam mails, fraud, virus, and denial of service conditions to an even higher level at nearly 97% of total e-mail.

Meanwhile, recent phishing trends show that such attacks threaten less of businesses and try more to redirect consumers to fake websites on credit card or other crafty sites that dispute transactions.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 1/22/2008