'Phishing' drops; are scammers switching tactics?

Aug 26, 2009 By JORDAN ROBERTSON , AP Technology Writer

(AP) -- Internet criminals might be rethinking a favorite scam for stealing people's personal information.

A report being released Wednesday by IBM Corp. shows a big drop in the volume of "phishing" e-mails, in which fraud artists send what looks like a legitimate message from a bank or some other company. If the recipients click on a link in a phishing , they land on a rogue Web site that captures their passwords, account numbers or any other information they might enter.

IBM's midyear security report found that phishing accounted for just 0.1 percent of all spam in the first six months of this year. In the same period in 2008, phishing made up 0.2 percent to 0.8 percent of all spam.

It's not clear what, if anything, the decline means. (It also doesn't appear to be a statistical illusion caused by an increase in other kinds of spam. IBM said overall spam volume hasn't expanded, like it did in years past.)

"That is a huge, precipitous decline in the amount of phishing," said Kris Lamb, director of the X-Force research team in IBM's Systems division, which did the report. But "I wouldn't tell anybody that phishing has died as a threat."

Lamb believes phishing might have fallen off because computer users are getting smarter about identifying phony Web sites. Security software is also getting better at filtering out phishing sites before Web surfers ever seen them.

It could also be that criminals are moving on from phishing to another kind of attack, involving . IBM said it is seeing more instances of "Trojan horse" programs, which are used to spy on victims.

Dean Turner, director of Symantec Corp.'s global intelligence network, who was not involved in IBM's research, said has also noticed less phishing, but warned that it could increase again later in the year. Phishing scams spike around the holidays, he said.

IBM found that criminals are changing the types of businesses they attack with phishing. Sixty-six percent of phishing targets were banks, down from 90 percent last year. Meanwhile, companies that handle online payments, like PayPal, are being mimicked in phishing messages more frequently.

To protect yourself against phishing, access sensitive sites on your own, rather than by following links in e-mails, which might lead to sites.

©2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Explore further: Twitter rules out Turkey office amid tax row

add to favorites email to friend print save as pdf

Related Stories

Phishing Attacks in May Jumped More Than 200 Percent

Jun 30, 2005

The phishing season is officially open. Phishing – using fraudulent emails to try to dupe recipients into revealing personal or financial information -- reached its highest level in May, according to IBM. The month Global ...

Cloudmark warns of increased 'phishing'

Dec 28, 2005

Cloudmark Inc. issued a consumer warning Wednesday in anticipation of an increased risk of "phishing attacks" following the holiday shopping season.

2007 looks like year of 'malware'

Sep 18, 2007

The problem of malicious software or malware appears to be getting exponentially worse. So far this year, IBM Internet Security Systems (ISS) X-Force research and development team has identified more than 210,000 new malware ...

Researchers fight phishing attacks with phishing tactics

Oct 02, 2007

Early findings by Carnegie Mellon University researchers suggest that people who are suckered by a spoof email into visiting a counterfeit Web site are also people who are ready to learn their lesson about “phishing” ...

Anti-phishing 'posses' hunt criminals

Oct 05, 2005

California Gov. Arnold Schwarzenegger last Friday signed into law the first state legislation that penalizes fraudsters who steal online identities through "phishing" scams, but Internet companies and banks are not waiting ...

Recommended for you

Twitter rules out Turkey office amid tax row

5 hours ago

Social networking company Twitter on Wednesday rejected demands from the Turkish government to open an office there, following accusations of tax evasion and a two-week ban on the service.

How does false information spread online?

8 hours ago

Last summer the World Economic Forum (WEF) invited its 1,500 council members to identify top trends facing the world, including what should be done about them. The WEF consists of 80 councils covering a wide range of issues including social media. Members come ...

User comments : 0

More news stories

Quantenna promises 10-gigabit Wi-Fi by next year

(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...

Floating nuclear plants could ride out tsunamis

When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...

Unlocking secrets of new solar material

(Phys.org) —A new solar material that has the same crystal structure as a mineral first found in the Ural Mountains in 1839 is shooting up the efficiency charts faster than almost anything researchers have ...

Patent talk: Google sharpens contact lens vision

(Phys.org) —A report from Patent Bolt brings us one step closer to what Google may have in mind in developing smart contact lenses. According to the discussion Google is interested in the concept of contact ...

How kids' brain structures grow as memory develops

Our ability to store memories improves during childhood, associated with structural changes in the hippocampus and its connections with prefrontal and parietal cortices. New research from UC Davis is exploring ...

Gate for bacterial toxins found

Prof. Dr. Dr. Klaus Aktories and Dr. Panagiotis Papatheodorou from the Institute of Experimental and Clinical Pharmacology and Toxicology of the University of Freiburg have discovered the receptor responsible ...