The hacking method of phishing is as prevalent on the web as ever, according to research by PandaLabs. The security firm conducted a three-month study where it analyzed its global malware database to reveal statistics regarding phishing and its use by hackers.
Phishing is a commonly used tactic where hackers attempt to gain a potential victim's sensitive information through trickery. Emails are usually vehicles of choice for such attacks, where they will attempt to replicate the look of official messages from institutions such as banks, online payment processors, auction sites, or other sites where financial transactions take place.
The phishing emails will usually tell the user that their account must be verified or something of that nature. In order to verify it, the phishing email asks the user to click on a link or visit a site and enter their login credentials, card numbers, or other sensitive and private pieces of data. If they do so, that data is placed into the hands of the hackers, who can then use it to drain accounts or perform other malicious attacks.
In an attempt to gain the trust of their potential victims, phishers tend to target well-recognized name brands as bait. PandaLabs' study detected the use of 375 well-known brand names by phishers. The top two brands that were most commonly used were eBay and Western Union, with each making up 23 and 21 percent of the phishing websites found, respectively. Other brands that made the top of the list included PayPal, Bank of America, Amazon, Visa, the Internal Revenue Service, HSBC, the United Services Automobile Association, and Australia's Bendigo Bank.
When broken down into business categories, the study found that almost 65 percent of the fake phishing websites attempted to duplicate legitimate banking sites. Approximately 27 percent of the phishing sites mimicked online shops like eBay. The remaining 8 percent of categories targeted by phishers included government organizations, other financial institutions, payment systems, Internet service providers, non-profit organizations, phone companies, logistics, software, and leisure or games.
PandaLabs also found that the rate at which phishing sites are becoming live on the web is alarming. On average, the company found that nearly 57,000 phishing sites were being created per week. While that number may seem high and could mean plenty of work for the hackers in question, technological advancements have made it easy to create such sites.
Site creators can copy the source code of the site they wish to mimic and then change it slightly to fit their scam. There are also automated toolkits that help phishers churn out new sites in little to no time at all. In a spam and phishing report for September, Symantec found that phishing messages increased 92 percent in July. This dramatic increase was attributed to the advent of the toolkits.
It appears as if phishing will continue to grow on the Internet, as it is a lucrative business for those who do it successfully. Learning how to protect yourself from such attacks is vital. Stay tuned for some tips on how to identify phishing attacks.
For more, visit http://news.cnet.com/8301-27080_3-20016026-245.html?tag=mncol;title
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More Web Hosting Security Articles
More By wubayou
