RSA reports phishing still a serious problem

Feb 20, 2009 9:56am

By Michael Kaiser, NCSA Executive Director

Phishing is still a thriving criminal enterprise. The release of the 2008 RSA Online Fraud report  confirms the ongoing problem of phishing in cyber space (disclosure: EMC is a NCSA Board member and RSA is an EMC company). According to the report the volume of phishing attacks during 2008 grew 66% over those attacks detected throughout 2007.

Criminals get more sophisticated as time goes on. Emails look more and more authentic and the criminals tie their efforts to breaking news, like the phishing attacks that attempted to lure people during the wave of bank mergers last fall or the scams that are emerging to lure people looking for work into illegal enterprises, such as muling (a form of money laundering). Phishing is a con game and the goal is to build trust and get people to act.

Users should be alert and learn to defend themselves against cyber criminals. When an email arrives requesting personal information before you share anything ask:

  • Who is asking?
    Are you sure that your bank or other business is actually sending the email?
  • What are they asking for?
    Think about the request. Is it for logon, password, address, or other information that can identify you? 
  • Why would they need it? 
    Does your bank need your logon and password? No, they can access your account whenever they need to.

Even if you think the request is legitimate don’t click on that link. Close and reopen your browser then manually type in the web address of the business, log on, and check your account. If there is some irregularity you can deal with it at that time.

The report includes a review of key phishing trends and analyses for 2008. Key findings include:

  • The volume of phishing attacks during 2008 grew 66% percent over those detected throughout 2007.
  • In 2008, RSA detected 135,426 phishing attacks, compared to just over 90,000 phishing attacks detected in 2007.
  •  The first six months of 2008 demonstrated a dramatic increase in the volume of phishing attacks peaking in April with 15,002 attacks. There was a sharp 68 % drop in attacks between June and July 2008, where the lowest volume of attacks detected during the year was reported in August with 7,099 attacks.
  • Companies within the U.S. suffered a whopping 68% of the total number of attacks, 10 times higher than the number of brands attacked within the U.K. – which ranked a distant second on the list at 6% of the total.
  • Although the U.S. led by a huge margin in terms of the number of attacked brands during 2008, the U.K. led in terms of total volume of attacks. This is a result of several massive surges of attacks against a small number of U.K. financial institutions during 2008.
  • The country that hosted the most substantial number of attacks (as enumerated by the location of the ISP or the hosting company) was the U.S. - by a very considerable margin at 60%. Looking at this another way, the U.S. hosted two-thirds of the world’s phishing attacks in 2008.
  • The number of phishing attacks detected by the RSA Anti-Fraud Command Center dropped sharply in December 2008, decreasing by more than 20%. December 2008 witnessed the second lowest number of attacks during 2008, with a total of 8,040 attacks.
  • Even though RSA detected smaller number of attacks toward the end of 2008, the problem is still significant, cyber criminals still see phishing as a viable method to advance a criminal enterprise, and financial institutions remain a high priority for phishing attacks.

In addition to NCSA’s website, you can find valuable information at the FTC’s Onguard Online, Department of Homeland Securities USCERT, and the website of the Anti-Phishing Working Group.