UK Internet users were subjected to 3,000 phishing attacks per day in the year to April 2013, a small part of the swelling global tide of web-based fraud, Kaspersky Lab has reported using data from its own user base.
At around a million attempted attacks per year, this puts the UK in the middle of the pack as a target, accounting for 3.2 percent detected by the firm globally. In the previous year, the number of attacks ran at around 1,000 per day.
The most attacked countries were Russia, at 18.7 percent, the US at 12.2 percent, India at 9.9 percent, and Germany at 6.2 percent; the UK and France vied for fifth place with identical volumes.
All countries showed large percentage rises over 2011-2012, led by the US at 134 percent and India at 128 percent.
To be clear, these are attempted attacks, that is those detected by the firm presumably before they did any damage. They are also only those registered by consenting users from Kaspersky Lab alone. Therefore, the figures show only a fraction of the true scale of global phishing crime as detected by one security vendor.
In terms of the national picture, they must also reflect the countries in which Kaspersky Lab has the most participating users.
Kaspersky found that 1,739 firms whose sites were used (that is copied) as lures for the phishing scams, 250 more than the previous year. Predictably, banks made up 921 of these, although this doesn't include other types of financial firm such as credit cards and investment funds.
In the UK, the top non-bank sites that phishers copied were Facebook, Yahoo, Google and Amazon. In the US, Yahoo was still the most copied site, ahead of Facebook, Google and Amazon.
“The volume and variety of phishing attacks detected during the analysis indicates that phishing is not merely one tool among many for the illegal enrichment of fraudsters, but represents a significant and visible threat,” said Kaspersky Lab research deputy CTO, Nikita Shvetsov.
“These attacks are relatively simple to organise and are demonstrably effective, attracting an increasing number of cybercriminals to this type of illegal activity.”
Fascinating to report but the firm even noticed phishing attacks by criminals on other criminals, with 9,000 scams based on Liberty Reserve, the currency system heavily used by the underground until shuttered earlier this year.