Phishing on the rise

Most users put away the rod and reel in winter, but not phishers.

A recent analysis by a security industry group found that e-mail fraud attacks grew by 50 percent in January over the month before. The Anti-Phishing Working Group said it counted 176 new attacks during the month, an average of 5.7 each day.

'Phishing' has become the term for spoofing return addresses, links and brand-name information to trick recipients into disclosing personal and financial data. The fraudulent messages in a phishing expedition usually are not targeted but simply broadcast to as many addresses as possible. The anti-phishing group reported that up to 5 percent of recipients do respond to the faked e-mails.

The Federal Trade Commission received more than 500,000 complaints of consumer fraud and ID theft last year, up from 400,000 in 2002. Internet fraud accounted for 55 percent of all reports last year, up from 45 percent the year before.

Victims reported losses of $437 million in 2003, $200 million of that from Internet fraud.

Phishing not only is getting more common, it is more sophisticated. About 8 percent of the attacks in January used a vulnerability in the Microsoft Internet Explorer browser that lets Web addresses be disguised to send victims to a fraudulent address. More of the attacks also are fooling recipients into downloading malicious code, such as key-loggers and back doors that leave computers vulnerable to future exploitation.

'The spam epidemic has evolved from a nuisance to a real security threat of financial crime and identity theft,' said Dave Jevans, chairman of the anti-phishing group.

Besides direct financial harm to victims, phishing also undermines the reputations of legitimate online companies whose identities are spoofed.

The most commonly spoofed address in January was, and the most commonly spoofed sector was financial services.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected