From the fake IRS e-mails that hit in-boxes during tax season to the phony banking sites that look to trick users into entering sensitive information, phishers are still up to their old tricks. Just how much was underscored recently by a three-month investigation by Panda Security that found scammers are creating 57,000 fake Websites a week to exploit 375 popular brand names, such as eBay and Western Union. Ironically, research has shown very few people respond to phishing e-mails. A report prepared last year by Trusteer analyzing phishing events from 10 large banks in Europe and the United States for three months found only a very small number of the banks' customers (0.000564 percent) fell victim to phishing attacks. Still, 45 percent of those people who actually visited phishing sites entered their information, and those numbers translated to losses of between $2.4 million and $9.4 million annually per million online banking customers. These fake Websites are not just used for phishing, though. Sometimes they are used to trick victims into downloading malware or buying fake goods. It's a big business—one eWEEK took a look at with help from security researchers. Here are examples of some of the sites created by scammers to hook victims.
of
Internet Scams and Phishing: A Look Inside the Business
by Brian Prince
Phishing the Globe
This graph shows the geographic distribution of servers hosting phishing pages in August.
Phishing MOs
The unique domains were home to more than 60 percent of the phishing attacks observed by Symantec last month, while Web hosting services and automated toolkits were responsible for 14 percent and 16 percent, respectively. The number of non-English phishing sites increased slightly by nearly 1 percent. Among the non-English phishing sites, sites in French and Italian continued to be higher during the month.
Fake eBay
According to Panda Security, eBay was the most popular high-profile brand mimicked by scammers during a recent three-month investigation. Often links to these sites are spammed out along with messages warning users their eBay accounts are going to be suspended if they don't log in.
Turning Victims into Dollars
Security researchers have noted several fake Websites offering car shoppers discounted vehicles. These sites typically request the victim make a payment towards purchasing the vehicle.
Fake Stamps of Approval
This site cyber-squatted playing off the Viagra brand. However, the site, detected by MarkMonitor in 2007, uses a phony seal of approval from the Certified Canadian International Pharmacy program. The site, which is still taking orders, does not require proof of a prescription for purchases, MarkMonitor told eWEEK.
Scammers' Favorite Sites
According to Panda Security, the creators of phony Websites love to target high-profile brands, starting with eBay, Western Union and Visa. Other brands commonly targeted include the United Services Automobile Association, HSBC and Amazon.
Paid Search Used by Counterfeiting Operations
Research by MarkMonitor examined 20 of the top 1,000 product-related searches in 2008 with a focus on paid search ads on Google, Yahoo and Bing. In total, 583 unique Websites the ads pointed to were analyzed. According to the company, roughly 17 percent of the paid search ads for popular consumer products—such as designer handbags and shoes, music, movies and hi-tech gadgets—led to sites likely offering counterfeit or pirated goods.
Windows Azure is a public cloud platform for building, hosting and scaling applications. Try Windows Azure free for 90 days and get 20GB outbound and unlimited inbound data transfer.
IT Security & Network Security News & Reviews News & Reviews 
Cloud Data Backup Now Makes Sense for SMBs: 10 Reasons Why 
HP, Lenovo, Asus Laptops, Desktops Offer Consumer Style for Busin[..]
Microsoft`s F#: 10 Reasons Why It`s a Hot Programming Language fo[..]
Data Center Efficiency: 10 Tips to Boost Productivity, Reduce Pow[..]
iPhone Apps to Kick Off the 2012 Summer Season 
Email Security: 10 Steps for Dealing With Dangerous Messages
See All Slideshows
From the fake IRS e-mails that hit in-boxes during tax season to the phony banking sites that look to trick users into entering sensitive information, phishers are still up to their old tricks. Just how much was underscored recently by a three-month investigation by Panda Security that found scammers are creating 57,000 fake Websites a week to exploit 375 popular brand names, such as eBay and Western Union. Ironically, research has shown very few people respond to phishing e-mails. A report prepared last year by Trusteer analyzing phishing events from 10 large banks in Europe and the United States for three months found only a very small number of the banks' customers (0.000564 percent) fell victim to phishing attacks. Still, 45 percent of those people who actually visited phishing sites entered their information, and those numbers translated to losses of between $2.4 million and $9.4 million annually per million online banking customers. These fake Websites are not just used for phishing, though. Sometimes they are used to trick victims into downloading malware or buying fake goods. It's a big business—one eWEEK took a look at with help from security researchers. Here are examples of some of the sites created by scammers to hook victims.