Instances when cyber criminals used likenesses of e-commerce companies, excluding eBay, to steal critical data from unsuspecting victims, were up 317 percent from July to September 2010 compared to the same time period in 2009. Likewise, phishing attacks impersonating gaming companies were up 347 percent in Q3 2010 compared to Q3 2009.
IID anticipates this increase in phishing attacks targeting e-commerce sites and gaming companies to continue during the fourth quarter of 2010 based on historical trends. For example, from Q3 to Q4 2009, threats targeting e-commerce sites excluding eBay increased 86 percent.
“Traditionally cyber criminals have capitalized on current events, resulting in an increase in e-commerce phishing attacks leading up to and during the holiday shopping season,” said IID President and CTO Rod Rasmussen.
“As the world moves into the highly active online shopping season, we expect to see increases worldwide in e-commerce attacks. In addition, with the online gaming industry generating over $15 billion annually and growing rapidly, it is the kind of target that is hard for criminals to resist.”
With gaming, cyber criminals have again shifted focus to where the money is. In the latest example, Activision sold 5.6 million copies of “Call of Duty: Black Ops” for $360 million on its first day of availability on November 9, setting a new one-day revenue record for media of any kind (movies, music, etc.). IID expects cyber criminals to take note of this and actively increase targeting of video game companies and consumers.
Much of the recent e-commerce attacks targeted Chinese online auction and shopping website Taobao. Taobao is one of the world’s largest e-Commerce sites with about 200 million registered users and is 13th overall in Alexa’s Internet-usage rankings. IID expects attacks against Taobao to continue growing as cyber-criminals look to target an exploding Chinese middle class.
Other detailed findings of IID’s report include:
- Non-Avalanche-related phishing attacks increased 32 percent in Q3 2010 compared to the same quarter in 2009.
- The number of phishing attacks targeting credit unions increased. However, the overall number of credit unions targeted dropped.