Phishing attacks are on the rise, with more than one in five PC users receiving at least five phishing emails every day, according to a web poll conducted by security firm Sophos.
According to the survey of 600 business users, 58 per cent receive at least one such email every day, while 22 per cent receive more than five a day - evidence that the drive towards financially motivated computer crime continues to accelerate, says Sophos.
The increase in phishing is also shown by statistics from the Anti-Phishing Working Group (APWG), of which Sophos is a member. The APWG detected 15,244 unique phishing reports in December 2005, up from 8,829 in December 2004. Nearly 7,200 phishing sites were reported to the APWG in December, representing 121 hijacked brands. While the average time online for a site was just 5.3 days, the longest lasted 31 days. More than a third of sites are hosted in the US, with Korea and China the next biggest offenders.
"While organisations have a responsibility to ensure the security of their own websites, they have little control over phishers that exploit their brand behind their backs," said David Jevans, Chairman of the APWG. "Phishing attacks are likely to become even more targeted in the future, and it will therefore be all the more important for users to display caution. If in doubt, they should contact the relevant organisation to check an email's authenticity."
The dangers of phishing were highlighted once again last week when Visa Asia Pacific announced that it had uncovered and shut down 20 spoof websites to prevent cardholders from falling victim to online data theft. The action was taken following reports that customers had received suspicious emails from the company's payments network. Other recent high-profile attacks have targeted customers of Wal-Mart and the US Inland Revenue Service.