Online shopping increase provides bait for phishers

More and more people are shopping online, leading to an increasing number of incidences of phishing
Written by Will Sturgeon, Contributor

Phishing is on the increase and the phenomenal rise of the crime shows little sign of slowing -- especially with more and more of us moving online to use services such as banking and shopping.

According to research from VeriSign, the increase in the number of people transacting online -- up 13.2 per cent on last year -- means an increase in the number and variety of cybercrimes being committed -- with phishing the highest priority concern currently.

Phishing scams typically involve the receipt of an email which attempts to solicit sensitive data -- such as bank account details. Often it will carry the branding of specific banks and ape very closely the appearance of a bank's Web site or own email communications. For the unwary consumer spotting the minute differences can be tricky.

According to VeriSign, 93 percent of phishing emails that it studied were sent from forged or spoofed email addresses, which at first glance may appear to be genuine.

Just 5 percent of phishing emails came from sites making no attempt to disguise their destination, while 2 percent came from 'cousin' sites, which closely mimic the company site they are seeking to imitate but perhaps differ by a few characters. This suggests a general trend of phishers 'raising the bar'.

Paul Wood, chief information security analyst at MessageLabs, said the last six months has seen an increase in the sophistication of phishing emails but warned that a lack of awareness and end user education is also responsible for the continued success of even quite crude phishing attacks.

"As with viruses, people have been told time and time again not to open these emails and not to click on links and attachments but still they continue to do so," said Wood.

Such a lack of awareness means continued success for phishers and means they will most likely keep plying their trade for some time to come, according to Wood.

More likely to bring about the end of phishing emails is a move towards more covert forms of harvesting data -- such as spyware which requires even less end-user involvement.

Another problem in policing such crimes is the geographic spread of scammers and the need for careful cross border co-operation.

Although victims could be anywhere in the world it was crooks in China, Korea and the US who originated the most scams, according to VeriSign.

Editorial standards