Open season for phishing as attacks soar

Phishing activity has been growing at the rate of 75 percent a month since December, according to the Anti-Phishing Working Group

The quantity and quality of phishing attacks grew at an alarming rate in April, according to the Anti-Phishing Working Group.

Phishing is an Internet scam where official-looking emails attempt to fool users into disclosing online passwords, user names and other personal information. Victims are usually persuaded to click on a link in an email that directs them to a doctored version of an organisation's Web site. It is estimated that up to 5 percent of phishing emails persuade users to perform an action, such as clicking on a link, that could result in credit card fraud, identity theft or some other financial loss.

On Monday, the Anti-Phishing Working Group, which was formed last year to share information about phishing attacks targeting the financial sector, published its Phishing Attack Trends Report for April 2004 and revealed that attacks had increased by 180 percent since March and 4,000 percent since December, with an average monthly increase of 75 percent.

Dave Jevans, chairman of the Anti-Phishing Working Group said that hackers, identity thieves and virus writers were collaborating to produce ever more sophisticated attacks. Jevans said that in April his organisation discovered a new attack that is able to modify a browser's address bar to display an incorrect Web site address. This makes it more likely that even sophisticated users could be fooled into interacting with a fraudulent Web site.

"These attacks are increasing and becoming much more sophisticated -- to the point of being literally indistinguishable from legitimate email, even for technically savvy recipients," said Jevans.

James Kay, technical director at email-security firm Blackspider, said that phishing is fundamentally a spam problem so it can be addressed by analysing the contents of incoming messages and recognising certain patterns and peculiarities.

"When the filtering technology sees a Web address where the displayed link is completely different to the actual link, it is an indicator. These types of behaviours are can be coded into standard spam-detection tools," said Kay.

Kay said that he expects the volume of phishing attacks to continue growing. Until recently, he said, the majority of phishing attacks were attempts to obtain account details for e-commerce sites but now the focus has shifted to financial institutions. This was illustrated by the Anti-Phishing Working Group's report, which found that eBay has been superseded by Citibank as the company targeted most often by phishing scams.

"Ordering a bunch of books from Amazon is good but getting a load of money deposited into your Bulgarian bank account is far more interesting," Kay said.