Phishing attacks on the rise in 2007

Phishing attacks on the rise in 2007

Phishing attacks in the U.S. soared in 2007 as £1.6 billion (US$3.2 billion) was lost to these attacks, according to a survey by Gartner.

The survey found that 3.6 million adults lost money in phishing attacks in the 12 months ending to August 2007, compared with 2.3 million the year before.

"Phishing attacks are becoming more surreptitious and are often designed to drop malware that steals user credentials and sensitive information from consumer desktops," said Avivah Litan, vice president and distinguished analyst at Gartner.

"Anti-phishing detection and prevention solutions are available but not utilized widely enough to stop the damage. These must be deployed and combined with solutions that also proactively detect and stop malware-based attacks."

Litan said customer-facing organizations could not expect their customers' desktops to be protected from malicious code, nor from email and/or advertising traps that lure innocent consumers to websites that turn out to be infection points.

Phishing and malware attacks would continue to increase into 2009 because it was still a lucrative business for the perpetrators, and advertising networks will be used to deliver up to 30 percent of malware that lands on consumer desktops, said Gartner.

The analyst group said there was no easy way out of this dilemma unless email providers have incentives to invest in solutions to keep phishing emails from reaching consumers in the first place, and unless advertising networks and other "infection point" providers have incentives to keep malware from being planted on their websites to reach unsuspecting consumers.

"Enterprises should at least protect their own brands from being used in phishing attacks by subscribing to an anti-phishing solution," Ms. Litan said. "Similarly, companies should subscribe to anti-malware services that detect malware targeting the firm's customers, and prevent it from spreading across consumer desktops. Custodians of consumer financial accounts must protect those accounts through fraud prevention, stronger user authentication and transaction verification."

GO TO blog on Christmas cheer with a twist

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Gartnermalwarephishing attacks



Show Comments