)
Phishing, a form of internet fraud, is fast becoming a dangerous threat category with attacks affecting an average of 1,02,100 people worldwide each day in 2012-13, twice as many as in 2011-2012.
In India 10,000 users were subjected to phishing attacks on a daily basis, said survey by Kaspersky Lab's. The survey added that, Phishing attacks most often target users in Russia, the USA, India, Vietnam and the UK.
Phishing is a form of Internet fraud in which criminals create a fake copy of a popular site (an email service, an Internet banking website, a social networking site, etc.) and try to lure the users to these rogue web pages. The unsuspecting user enters their login information and passwords into these carefully forged websites as they normally would, but these credentials are instead sent to the cybercriminals. The scammers can then use this stolen personal information, bank credentials, or passwords to steal the users’ money, to distribute spam and malware via the compromised email or social networking accounts, or they can simply sell their databases of stolen passwords to other criminals.
According to the results of Kaspersky Lab’s "The evolution of phishing attacks 2011-2013" survey, the number of Internet users who faced phishing attacks over the last 12 months has grown from 19.9 million to 37.3 million, an increase of 87%.
Facebook, Yahoo, Google and Amazon are among main targets of cybercriminals. The study, which was carried out in June 2013 based on data from the Kaspersky Security Network cloud service, shows that what was once a subset of spam has evolved into a rapidly growing cyberthreat in its own right.
"The volume and variety of phishing attacks detected during the survey indicates that phishing is not merely one tool among many for the illegal enrichment of fraudsters, but represents a significant and visible threat. These attacks are relative simple to organize and are demonstrably effective, attracting an increasing number of cybercriminals to this type of illegal activity. The volume of phishing attacks, which according to Kaspersky Security Network nearly doubled in a single year, confirms this trend," said Nikita Shvetsov, Deputy CTO (Research) at Kaspersky Lab.
Phishing has been regarded as a variation of typical spam emails. However, the data from this survey confirms that the scale of phishing attacks has reached such a significant level that they should be regarded as a dangerous threat category of their own, not merely an off-shoot of general spam. In fact, email is no longer the most common delivery mechanism for phishing emails. For example, only 12% of all registered phishing attacks were launched via spam mailings. The other 88% of cases came from links to phishing pages which people followed while using a web browser, a messaging system (Skype, etc.) or otherwise interacting with the computer, said the survey.
During the survey, Kaspersky Lab compared data on phishing attacks from over 50 million Kaspersky Security Network users between 1 May 2012 and 30 April 2013 with figures for the equivalent period of 2011-2012.
Main Research Findings
• In 2012-2013, phishers launched attacks affecting an average of 1,02,100 people worldwide each day – twice as many as in 2011-2012
• Phishing attacks most often target users in Russia, the USA, India, Vietnam and the UK
• Vietnam, the USA, India and Germany have the greatest number of attacked users – the total number of attacks in these regions has doubled since last year.
• Over 20% of all phishing attacks mimicked banks and other financial organizations
• American Express, PayPal, Xbox live, Twitter and etc. are in Top 30 most targeted sites.
