Phishing Attempts Decrease, Report Shows

An industry group attributes attacks' slower growth to anti-virus and anti-spyware software and says recipients may be desensitized.

Two recent reports suggest that the flood of phishing attacks that has washed over Internet users in recent months may be ebbing.

Managed e-mail provider Postini Inc. said Monday that phishing attempts decreased 45 percent between March and April.

The report comes just days after the APWG (Anti-Phishing Working Group) industry group released its March report, which showed that reports of phishing e-mail rose by just 2 percent in March, continuing a two-month trend of slower growth following double-digit month-over-month growth for most of the last year.

The slower growth may be a sign that anti-virus and anti-spyware software is beginning to stem the tide of attacks, or simply that phishing has lost its novelty and that recipients are becoming desensitized to the attacks, said Peter Cassidy, secretary general of the APWG.

Phishing attacks typically use spam e-mail and fraudulent Web sites to trick victims into divulging sensitive personal or financial information.

Reports of the attacks grew by an average of 28 percent each month between July 2004 and March, but have increased by just single-digit percentages in the last two APWG reports.

"People are getting bored with [phishing]. They just think of it as spam," Cassidy said.

Still, the problem is far from disappearing.

Postini said in a statement that it blocked 9 million phishing e-mail messages in April, whereas APWG received reports of 13,353 phishing scams in March, according to the group's March report.

More aggressive spam filtering by Internet service providers and corporations may also be reducing the number of phishing e-mail messages that make it into user in-boxes, he said.

Despite the decrease in phishing e-mail sent to APWG, the group noted an almost 7 percent increase in the number of Web servers linked to phishing attacks: from 2,686 in February to 2,870 in March, suggesting that the problem is still growing.

"That's a substantial chunk of machinery," Cassidy said.

The United States was the leading source of phishing attacks, with 34 percent of all attacks launched from domestic servers, compared with 12 percent from the next-biggest source of attacks: China, according to the APWG report.

APWG also noted an increase in the number of Web sites that distribute a kind of spyware program known as a "keylogger," which secretly records what a victim types and forwards the information to an Internet site controlled by the attackers.

APWG identified more than 100 new malicious Web sites distributing the programs each week between February and March, and eight to 10 new kinds of keyloggers, the report said.

The programs are usually installed after victims are tricked into visiting Web sites offering sports or news content, as well as pornography, Cassidy said.

The problem is particularly severe in Brazil, where many of the keyloggers are programmed to record keystrokes only when the victim visits a small list of high-value Web sites, such as online banking and financial services sites, he said.

The attacks raise the bar for Internet users who may be tempted to go without anti-virus or anti-spyware protection, he said.

"It's not about being annoyed anymore. It's about being robbed. This is very serious," Cassidy said.
