Study: Few use phishing to troll for data

Study: Few use phishing to troll for data

Phishing expeditions'the use of legitimate-seeming e-mail to coax people into revealing personal and financial information'are relatively small in number but precisely targeted, a new study by a security company concludes.

Less than 1 percent of e-mail messages passing through IronMail security appliances deployed by CipherTrust Inc. during the first half of October were phishing attacks, the Atlanta company found.

That's minuscule compared to spam, which makes up as much as 75 percent of e-mail traffic.

'Phishing is a low-volume activity,' said Dmitri Alperovich, a research engineer at CipherTrust.

But by carefully targeting corporate brands and customers, a handful of illegal network operators increase the likelihood of harvesting financial account information. The messages sometimes contain links to counterfeited Web sites where the information is submitted.

Attacks identified by CipherTrust appeared to come from small zombie networks of about 1,000 compromised computers each day, Alperovich said. Different computes are used each day.

'This leads us to believe that there are a limited number of network operators involved,' he said. 'We believe it is less than five. It could be one or it could be five, but we don't think it is more than five.'

The Anti-Phishing Working Group estimates that about five percent of recipients respond to the attacks. Although the volume of attacks is relatively low, phishing appears to be a growth industry.

The working group identified nearly 2,000 unique attacks in July, the last month for which figures are available, and that number had been growing at a monthly rate of 50 percent over the past year.

The attacks can victimize both individuals and the organizations whose brands are being spoofed.

In its review, CipherTrust found CitiBank was the most commonly spoofed brand, accounting for 54 percent of phishing attacks. Eight other financial and online commerce companies accounted for nearly all of the remaining attacks.

Recipients of phishing e-mail also appear to be carefully targeted. For instance, messages targeting a European financial company were sent primarily to European e-mail addresses.

Although the ultimate sources of the scams were not identified, nearly a third of the phishing messages were sent from compromised computers in the United States. South Korea was the second greatest source of messages.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • blockchain (Immersion Imagery/Shutterstock.com)

    DARPA eyes 'less-explored avenues' of blockchain

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group