Posted February 17, 2011
As reported in the upcoming release of the Cyveillance Intelligence Report, overall Phishing: The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. attack volume declined during the second half of 2010 compared to the first half of the year, averaging over 19,000 confirmed, unique attacks per month. However, the level of sophistication and emphasis on targeted attacks continues to rise. As a result, despite the number of attacks going down, the ability of phishers to be successful has risen significantly as evidenced by the growing number of spear phishing attacks and Advanced Persistent Threats (APTs) reported during the half.
The amount of attacks seen monthly is down compared to the first half of the year and could be related to the recent decline in spam, but the overall volume confirms that the problem of phishing is still easily one of the top threats on the Internet. Specifically, the use of more sophisticated and targeted attacks result in greater success and lucrative opportunities for online criminals. A recent story regarding socially-engineered attacks against High Value Targets (HVTs) in the Canadian government provides a great example of the danger this new breed of attack poses to organizations.
Organizations should continue to monitor for suspicious activity related to the attack described in the article above as well as educate their users on the latest threats that plague the Internet. Users can minimize the potential for falling victim to email and Web-based attacks by never clicking on links within emails and only accessing their online applications through known Web sites and pages.