Report: Thousands of Unique Phishing Attacks Occurred in June

Tumbleweed Communications Corp. and the Anti-Phishing Working Group last week released the Phishing Attack Trends Report for June 2004, an analysis of phishing scam attacks submitted to http://www.antiphishing.org, the Internet's most comprehensive archive of email fraud and phishing attacks.

Analysis of over 1,400 attacks reported in June shows that 92% of all attacks use forged from addresses. This trend continues to underscore the utility of e-mail sender authentication technologies as a critical step toward reducing the effectiveness of phishing campaigns by preventing fraudulent emails from reaching inboxes.

Phishing attacks use spoofed e-mails and fraudulent websites to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers, ISPs and credit card companies, phishers are able to convince up to 5% of recipients to respond to them. The result of these scams is that consumers suffer credit card fraud, identity theft, and financial loss.

In June, there were 1422 new, unique phishing attacks reported to the Anti-Phishing Working Group. This was a 19% increase over the number of attacks reported in May (1197). The average number of phishing attacks per day in June was 47.4 (up significantly from the 38.6 per day for May). Analyzing this information on a weekly basis shows every week in June averaged over 300 attacks, with the last 4 days of June on track to continue this trend. Highlights of the Anti-Phishing Working Group's June report include:

  • Number of unique phishing attacks reported in June: 1422
  • Average monthly growth rate in phishing attacks through June: 52%
  • Organization most targeted by phishing attacks in June: Citibank (492)
  • Percentage of phishing attacks using spoofed email addresses: 92%
  • Country hosting the most phishing Web sites in June: USA (27%)
  • Average lifespan of a phishing site in June: 2.25 days
  • Percentage of phishing Web sites hosted on hacked web servers: 25%
  • Percentage of phishing Web sites configured to allow criminals to remotely download captured personal data: 94%

With phishing attacks increasing in volume and complexity and serving as a conduit for illegal activity, the FTC recently endorsed email authentication as a vital part of Internet communication by reporting to Congress that this technology was the best way for enterprises to address spam, phishing and virus defense. As a leader in authentication and a major government supplier of authentication technology, Tumbleweed is uniquely positioned to address this trend.

As email spoofing, spam and phishing attacks continue to increase at a rate of more than 50% and threaten businesses, partners and customers alike, enterprises must turn to authentication-based technologies to address this problem, said Jeff Smith, Chairman and CEO of Tumbleweed Communications Corp. Email sender authentication technologies enable businesses to send secure trusted outbound email to customers and verify inbound email from business partners -- preventing fraudulent emails from reaching inboxes and providing enterprises with a reduction in email fraud and phishing attacks on their brands.

You may like these other stories...

Hertz withdraws full-year forecast, cites accounting review, challengesRental car company Hertz Global Holdings Inc. said on Tuesday it is withdrawing its full-year financial forecast and expects 2014 results to be “...
Treasury prepares options to address tax inversionsDamian Paletta of the Wall Street Journal reported on Monday that US Treasury Department officials are assembling a list of administrative options for Treasury Secretary...
Deloitte CEO Joe Echevarria to retire to pursue public serviceMichael Rapoport of the Wall Street Journal reported that Deloitte LLP CEO Joe Echevarria plans to retire later this month to pursue his interest in public...

Already a member? log in here.

Upcoming CPE Webinars

Aug 26
This webcast will include discussions of recently issued, commonly-applicable Accounting Standards Updates for non-public, non-governmental entities.
Aug 28
Excel spreadsheets are often akin to the American Wild West, where users can input anything they want into any worksheet cell. Excel's Data Validation feature allows you to restrict user inputs to selected choices, but there are many nuances to the feature that often trip users up.
Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.
Sep 11
This webcast will include discussions of commonly-applicable Clarified Auditing Standards for audits of non-public, non-governmental entities.