January 18, 2006 12:44 PM PST

More brands targeted as phishing attacks soar

Phishing attacks reached a new high at the end of 2005 after growing steadily all year, according to a study published Wednesday.

The number of unique e-mail-based fraud attacks detected in November 2005 was 16,882, almost double the 8,975 attacks launched in November 2004, said the report, published by the Anti-Phishing Working Group, an industry consortium that provides information on phishing trends.

Phishing e-mails pretend to come from legitimate companies, such as banks and e-commerce sites, and are used by criminals to try to trick Web users into revealing personal information and account details.

The number of brands targeted increased by nearly 50 percent over the course of 2005, from 64 percent to 93 percent in November.

Despite these statistics, businesses should not worry about the effect on general consumer confidence, according to Internet security company Websense.

"One big attack will temporarily hurt a brand, but the increase in e-commerce is not slowing down," said Mark Murtagh, Websense technical director for Europe, the Middle East and Africa. "Although phishing is increasingly in the news, online banking is increasing in popularity."

Top brands continue to be hijacked, with phishers using established names to try to lure people to their sites, Websense said. Most phishing sites spoof global e-commerce and banking institutions.

"eBay is often spoofed, for obvious reasons," Murtagh said. "Google is increasingly being targeted because of its expansion into different business application models. The big banking names are used too--HSBC, Citigroup, Lloyds--all the major brands."

Phishers' use of global brands is understandable, said Murtagh. "There's no point in using local names if the attack is global."

Attacks are becoming increasingly sophisticated, with a quarter of all phishing Web sites hosting keylogging malicious software. Users can become infected just by visiting the sites, Murtagh warned.

"Before, people had to click on a site to download malicious code. If they went to a Web site and thought it looked 'phishy,' they could leave and probably not be harmed. Now with most phishing sites they just have to visit one to become infected.

"Twenty-five percent of those sites now host keylogging code, and if you visit one you will probably open yourself to identity theft or fraud."

Tom Espiner of ZDNet UK reported from London.


10 comments

And the Companies?
Most of the target companies do very little to help the problem. If you try to report a scam their web pages are so cluttered with junk that you can't even find an email address to report the problem to.

Surprisingly, eBay (spoof@ebay.com) and PayPal (spoof@paypal.com) make it real easy. Just forward the suspicious mail to them, it only takes a second and the quicker they find out about the scam the quicker they can take steps to stop it.

Amazon on the other hand requires going through several pages and filling out a form, and they never do provide an email. Many banks are just as bad, they want your account number etc. To them I say you get what you deserve. Make it really inconvenient to report a problem and then cry about it.

If people would take a proactive approach to these things we could stop these guys in their tracks. But I guess it is like dogs. Some will go out and look for food when they get hungry and others will just lay at their dish and whine.
Posted by Mister C (423 comments )
I hate to burst your bubble but...
I have a phish mail sitting in my in box as we speak. I know for certain it is one. I will let you see it. Here it is.

Security Center Advisory!

We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address and we have reasons to belive that your account was hijacked by a third party without your authorization. If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you.

If you are the rightful holder of the account you must click the link below and then complete all steps from the following page as we try to verify your identity.

Click here to verify your account




If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.

Thank you for using PayPal!
PayPal Email ID PP697

Now, in the first place, I do not have a pay pal account. In order to report this to pay pal, I would first need an account. Well, I don't want an account because I know that pay pal and ebay are third party sites. They are very vulnerable to attacks so I steer clear of these kinds of sites.

Ok so now what? I cannot report to ftc because I have not been victimized. I went to one site that looks like a pay pal site. I reported this to them. Here was my answer:

webform@paypal.com <webform@paypal.com>

TO Me:

Thank you for writing to PayPal regarding the email you received.

Because this is not an eBay or PayPal member, website, or email, we are
unable to determine if this email is legitimate. While it may be
considered spam or possibly even fraudulent, it is not something we can
determine on behalf of other companies. This email should be reported to
the company that appeared to send it for their assistance and
investigation. Normally, to do this, you would substitute the word
"abuse" in place of the name in front of the @ symbol. For example, if
the email was sent from user@goodmail.com, you would send your report to
abuse@goodmail.com.

In addition, you may also want to see if online customer support is
available for this company. As for eBay, please forward any suspicious
emails to spoof@ebay.com for our review and investigation. I also invite
you to take this time to familiarize yourself with eBays Security Center
for helpful information on this topic. A link to our Security Center can
be found below:

http://pages.ebay.com/securitycenter/index.html

Thank you again for reporting this email. I hope this information will
be helpful.

Sincerely,
PayPal Account Review Department

By the way, Check out this site. I thought you reported stuff here and this mail was what I got.

Now can you please tell me why I should open an account, spend all my time running around on the site, to review their security rules? When all I want to do is report this fraud? I have things to do other than visit pay pal and ebay and checking out their way of doing business and what they offer. BTW...Here is something you might want to see too>>>> http://www.paypalsucks.com/ This might teach u something about dealing with third party people who try to control your money.

Ok so now what? Still I have this phish and am wondering just what to do with it.

Any Ideas? You just really have no place to report. So should I just delete and forget it? I have looked into a number of sites and to no avail. You cannot copy and paste headers from gmail. It does work. If I forward it, it may lose pertinent information such as the original sender. Does anyone know what to do with this?
Posted by Eskiegirl302 (82 comments )
Legitimizing spam is the problem.
Everybody wants your email address so they can "market" to you
over the internet. Companies that you do business with will
claim they're not spamming you because they already have a
business relationship, and now they're shocked that con men are
taking advantage. Email is in serious danger of becoming
unusable because first you have to sort through the spam, then
you have to determine what is a legitimate unsolicited email.

Until businesses stop sending junk email, phishing isn't going
away. If I only got emails from my bank when they had a
question about a specific transaction, there wouldn't be any way
a phisher could fool me into thinking they were my bank.
Instead, I get emails that make it easy for phishers like this:

We are happy to have the opportunity to serve former Fleet
customers like you. We are committed to providing you with
important financial information and to protecting your privacy
and security.





As part of our service to you, we may occasionally send you
informative e-mail to:
Keep you up to date on special offers, products, features,
and services
Let you know how Bank of America and its associates can
help you financially  wherever you are in life
Provide you with the tools and resources you need to make
sound financial decisions
Assist you with your small business or your business
interest





You can rest assured that we take steps to protect your
information, including your e-mail address, and will not sell or
share it with marketers outside Bank of America who may want
to offer their own products and services. Read our Privacy Policy
to find out more.




Bank of America is committed to your security and protection.
Please be aware that we will not e-mail you to request or verify
security information about passcodes, PINs, or other sensitive
details. To find out more, please see Information Security.







You can help us provide you with relevant information by taking
a moment to tell us your e-mail preferences. And remember, if
you'd like to stop receiving promotional e-mail from us, you can
unsubscribe at any time.



THIS IS A PROMOTIONAL E-MAIL FROM Bank of America. AND
YOU MAY OPT-OUT FROM OUR PROMOTIONAL E-MAILS AT ANY
TIME. IF YOU'D LIKE TO BE OPTED-OUT WITHIN 10 BUSINESS
DAYS, PLEASE UPDATE YOUR E-MAIL PREFERENCES.

The security and confidentiality of your personal information is
important to us. BECAUSE E-MAIL IS NOT A SECURE FORM OF
COMMUNICATION, THIS E-MAIL BOX IS NOT EQUIPPED TO
HANDLE REPLIES. If you are a Bank of America customer and
have sensitive account-related questions, please call the phone
number provided on your account statement or the appropriate
phone number indicated in the following "Contact Us" link so we
can properly verify your identity. For all other questions or
comments, please use the Web forms available via Contact Us.

We respect your privacy, and you can rest assured that we
protect your information, including your e-mail address, and will
never sell or share it with marketers outside Bank of America. To
find out more, please read our Privacy Policy.

Bank of America E-mail, 6th Floor, 101 North Tryon Street,
Charlotte, NC 28255-0001

Bank of America, N.A. Member FDIC. Equal Housing Lender
© 2005 Bank of America Corporation. All rights reserved.
Posted by Macsaresafer (802 comments )
Phishing Scams
As long as there is money there will be people trying to take it. The best idea would be to have a better way to report these scams to catch these punks. For one, a fake amazon.com e-mail came to my box. I knew it was a scam cause it was not a very good one, so I tried to report it and learned that amazon.com really didn't care, cause I never received another e-mail and it was very difficult to find a place to report this news. Well, I still like shopping with Amazon but I wish they would care more about these scams. I got the malicious email during Christmas and I feel real bad for anybody that was duped by this scam; it probably made for a very unmerry Christmas.
Posted by lazarus_vendetta (13 comments )
This may help
You are quite correct, Amazon customer service is run by marketing folks. Their approach is simply to prevent anything negative getting through so higher-ups never get to see it (job security).

After some searching and several complaints to Amazon they provided the following email for scams:

stop-spoofing@amazon.com

There is also a really good 3rd party web site located here:

http://clicheideas.com/amazon.htm

Good Luck!
Posted by Mister C (423 comments )
I think teaching individuals to identify these attacks will be the key to curbing this new wave of phishing. Whilst we may employ additional security measures by way of technology, it will be most appropriate if folks are given the necessary information on how to identify these attacks. I believe these attacks have a common denominator which can be easily noticeable: Identifying A Targeted Attack (http://www.internetevolution.com/author.asp?section_id=670&doc_id=156701&F_src=flftwo)
Posted by jamalystic (114 comments )
 
