June 3, 2005 1:04 PM PDT

Phishers going after small fry

Related Stories

Group pools data to trap phishers

June 1, 2005

Phishers get personal

May 26, 2005

Caught in a phishing trap

November 17, 2004
Phishers are widening their net to take in credit unions, according to a new report.

While most of the fraud schemes still focus on big businesses such as major banks, smaller financial companies are increasingly being hit said the report, published Friday by the Anti-Phishing Working Group.

"Hackers are modifying their attack methods by shifting away from attacking popular or large institutions," the monthly report said.

Related feature
Have you been phished?
Check here to see whether an e-mail that appears to be from your bank or an online merchant is actually an attempt to defraud you.

Phishing is a prevalent type of online fraud that attempts to steal sensitive information such as usernames, passwords and credit card numbers. The schemes typically combine spam e-mail and fraudulent Web pages that look like legitimate sites.

The report covers trends in April, but a bigger jump in the number of credit unions targeted in phishing schemes was actually seen in May, said Dan Hubbard, a senior director at security company Websense, which helped write the report. (Click here for PDF.)

The number of credit unions in phishing e-mails has been growing over the past months, Hubbard said. The total rose from three in February to 21 in May.

Phishers are likely targeting the smaller financial businesses because of countermeasures put in place by larger banks, Hubbard said. Also, the attackers may simply be expanding their hit list, he said.

In April, the number of phishing attempts reported to the Anti-Phishing Working Group rose to 14,411, continuing a trend of slight monthly growth this year. However, a small drop in unique phishing e-mails was reported, down to 3,930, from 4,100 in March.

Other trends noted by the APWG include another increase in the number of phishing Web sites hosted in China, which was home to 22 percent of the 2,854 active phishing sites reported in April. The country came a close second to the United States, where 26.3 percent of sites were hosted, according to the report.

China is gaining in popularity among phishers as more PCs in the country get connected to high-speed lines, Hubbard said. In addition, it is harder for victimized companies to get service providers to shut down sites there, he noted. "Anytime you go across borders, it becomes more difficult to perform takedowns," he said.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.