Is phishing on the decline, or just moving to a new phishing hole?
According to one cyber intelligence and security company, recent reports of the demise of phishing have been greatly exaggerated.
All right, nobody actually is reporting the demise of phishing. But major vendors such as IBM and Symantec have reported downturns recently in the number of phishing attacks — schemes intended to trick victims into unwittingly divulging financial or other personal information that could be used for identity theft.
But Cyveillance says this apparent decrease is only because the companies have focused on e-mail as the primary delivery vehicle for the attacks.
“Traditional e-mail monitoring misses attacks perpetrated through more creative means, including URLs distributed by tweets, instant messages and SMS texts,” Cyveillance said. So, although phishing e-mail volume may have fallen, the number of phishing attacks is actually on the rise, through more sophisticated methods and more focused e-mail campaigns.
The company identified more than 175,000 distinct phishing attacks from June through August of this year, “one of the highest three-month volumes ever detected.”
Cyveillance urges greater caution on the part of consumers as the best defense against phishing. “It is important for consumers to not solely rely on vendor solutions and stay educated about new and evolving threats, as phishing still relies on human interaction to capture sensitive data.”
William Jackson is a senior writer of GCN and the author of the CyberEye blog.