Financial institutions are not alone. A leading cyberfraud watchdog group said that social networking, online classifieds and online gaming industries are increasingly the focus of phishing gangs out looking for personal account information.
The Anti-Phishing Working Group said in its just-released first-quarter 2010 trends report that attacks focused on online retail, auction and financial services actually decreased in the first quarter of 2010 but that attacks on payment services increased more than 10% during that time. And attacks on social networking, online classifieds and gaming increased from 13% of all phishing attacks to 18%, an increase of more than 37% in one quarter, the APWG said.
The organization also said that 53% of all computers monitored in its report were infected with some kind of malware. APWG said the report combines its own data with APWG members MarkMonitor, Websense, Panda Security, Afilias and Internet Identity.
The APWG said its data show unique phishing reports reaching 30,577 in March, down 25% from the record high of 40,621 in August 2009, and brands attacked totaling 298 in March, compared with last October's all-time high of 356.
"The Q1 statistics paint the picture of shifting focus and approaches used by phishing gangs who are apparently using more sophisticated social engineering schemes less reliant on spoofing a bank's brand," APWG Chairman Dave Jevans said.
"Less visible statistically but as potent is the increasing focus on direct attacks against executives with corporate treasury authority. Losses from the latter, according to reports received by the APWG, can and do regularly run into six figures now," Jevans said.
The full report is available at www.apwg.org. The APWG is a global coalition of more than 1,800 industry, law enforcement and other government and non-governmental organizations formed in 2003 to fight identity theft and fraud resulting from phishing, e-mail spoofing and crimeware.