Security Corner

Aug 31 2009   10:40PM GMT

Have You Noticed? Phishing Attacks Are Down



Posted by: Ken Harthun
Tags:
insecure
Malware
Phishing
Secure Computing
Security
Social Engineering
Trojan

It’s just not in fashion anymore; phishing attacks are ‘way down, falling out of favor with cybercriminals who now prefer malicious websites and password-stealing Trojan horse programs.

IBM’s security research and development division, X-Force, recently issued a report that found throughout 2008 , phishing volume was around 0.5 percent of overall spam volume. But in the first half of 2009, the volume of phishing attacks fell to around 0.1 percent of spam volume. Not only did the volume of phishing attacks drop, but the targets also changed: in 2008, 90 percent of all phishing attacks targeted the financial industry; in the first half of 2009, that percentage had dropped to 66 percent.

That’s the good news. The bad news is that, according to the report, the number of malicious Web links is up 508 percent in the first half of 2009 and many of these links appear on otherwise trusted sites such as search engines. X-Force Director Kris Lamb says, “There is no such thing as safe browsing today and it is no longer the case that only the red light district sites are responsible for malware. We’ve reached a tipping point where every Web site should be viewed as suspicious and every user is at risk."

A copy of the IBM report can be downloaded here (PDF).

As always, let the surfer beware.

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • SAPjava74
    Interesting observation. My quarantined volume of phishing types of messages has increased lately. Many more messages appearing to be from banking institutions asking me to update my account/login credentials. This has been happening over just the past couple of months it seems. Postini (Google) is the filtering service my organization uses.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: