Phishing attacks rise year over year

Phishing attacks in Q1 2011 increased significantly compared to Q1 2010, according to IID.

Criminals utilized phishing scams 12 percent more from January to March 2011 than during the same period a year ago.

IID expects this increased phishing activity and recent Internet security breaches to result in more spear phishing attacks, a sophisticated form of e-mail fraud targeting a specific person or organization.

“As we’ve seen with recent attacks against Sony’s PlayStation Network and Epsilon, cyber criminals now have inside information about tens of millions of customers to use in highly targeted phishing campaigns,” said IID President and CTO Rod Rasmussen.

“The worry is that with all of this specific data, cyber criminals have all they need to convince people to share their highly valuable personal information. Organizations must ensure they are taking every measure to stop these attacks, including blocking access to phishing sites and command and control domains for malware that exfiltrates data. This should be done with e-mail filtering, firewalls and secure domain name system resolvers,” he added.

Other findings in IID’s report include:

• Phishing attacks impersonating national banks increased 11 percent from Q4 2010 to Q1 2011. National banks include those run by a country or operating nationally.
• Much of the bank phishing attacks increased against those based outside the United States
• Rogue mobile applications utilizing the likeness of banks were downloaded hundreds of thousands of times.