Tag Archives: fraudulent emails

Email Phishing Activity Over Time: 2004 – 2012 in Figures

Back in 2003, most of us faced only two types of email security threats: viruses and spam. Banking institutions, payment processors, online auctions and large e-stores didn’t really have to worry about being compromised by phishing attacks. The phishing industry wasn’t flourishing at that time. Regular email users were not put at risk of identity theft via fraudulent emails or malicious websites. That was a great time…

As noted in the MessageLabs Intelligence Annual Email Security Report, 2004 was “the year the big phish was landed”. In September 2003 the number of phishing emails detected by MessageLabs was 279. By September 2004 the figure had jumped to over two million. The main organizations targeted by phishing scams during 2004 were Citibank, HSBC, eBay, Visa, Natwest, ANZ and Westpac.

 

Email Phishing Rates 2004-2012: a Timeline of Evolution

According to a Symantec Intelligence Report issued in February 2012, the global phishing rate increased by 0.01 percentage points since January 2012, taking the global average rate to one in 358.1 emails (0.28%). The email phishing activity evolution is quite interesting to observe but is definitely disappointing to accept:

Email Phishing Rates 2004-2012

2004
As reported by the tech security company Messagelabs, phishing rates skyrocketed in 2004 due to the widespread use of zombie networks: the annual average of phishing emails reached 0.1%, or 1 in 943 emails. During 2004, MessageLabs intercepted over 18 million phishing emails (emails containing a URL to a fraudulent website).

2005
Phishing continued to be a major threat during 2005, accounting for an annual average of 0.3% or 1 in every 304 of all emails. MessageLabs intercepted around 2-3 targeted attacks per week during 2005; in 2004 this figure was almost negligible.

2006
Phishing continued to be a major threat during 2006, accounting for an annual average of 0.36% or 1 in every 274.2 of all emails.

2007
In 2007, the level of phishing attacks rose to 1 in 156.0 emails (0.64%) from 1 in 274.2 (0.36%) in 2006, an increase of 0.28%. Phishing attacks have widened their targets from defrauding major international banks and financial organizations to also targeting smaller, national and state banks, including credit unions.
Phishing attacks have also become much more targeted, using emails that include the recipients’ correct name and email address on the To: and Subject: lines. Furthermore, in some examples, the link included in the email encodes the email address of the recipient should they click on the link such that it is automatically passed to the phishing website.

2008
In 2008, phishing activity averaged around 1 in 244.9 (0.41%) emails, compared with 1 in 156.0 (0.64%) for 2007. Phishing activity peaked in February 2008 at 1 in 99.1 emails. This increase was due partly to the increased availability of plug-and-play style phishing kits that required very little technical skill to configure. Another factor was the increased use of specialized botnets for phishing activity.

The types of organizations targeted widened in 2008 and included recruitment agencies, online retailers and internet grocery sites.

2009
In 2009, one in 325.2 emails (0.31%) was a phishing attempt.

2010
In 2010, the average ratio of email traffic blocked as phishing attacks was 1 in 444.5 (0.23%), compared with 1 in 325.2 (0.31%) in 2009. Approximately 95.1 billion phishing emails were estimated to be in circulation during 2010. MessageLabs Intelligence tracked phishing attacks impersonating or relating to 1,530 different organizations, compared with 1,079 in 2009.

2011
In 2011, the overall phishing rate was 1 phishing email in 299 messages (0.33%).

2012
In February 2012, one in 358.1 emails was identified as phishing. That made up a rate of 0.27%, an increase of 0.01 percentage points since January 2012.

 

Most Attacked Countries

The Netherlands remained the country most targeted for phishing attacks in February, with one in 152.8 emails (0.65%) identified as phishing. Phishing levels for the US reached one in 753.5 (0.13%) and one in 427.9 for Canada (0.23%). In Germany phishing levels were one in 700.9 (0.14%), one in 461.9 in Denmark (0.22%). In Australia, phishing activity accounted for one in 499.9 emails (0.20%) and one in 1,045 in Hong Kong (0.10%); for Japan it was one in 4,762 (0.02%) and one in 689.9 for Singapore (0.14%). In Brazil one in 863.9 emails (0.12%) was blocked as phishing.

Phishing Rtaes by Countries

 

Most Attacked Industries

The Public Sector remained the most targeted by phishing activity in February, with one in 84.1 emails (1.19%) comprising a phishing attack. Phishing levels for the Chemical & Pharmaceutical sector reached one in 726.2 (0.14%) and one in 670.6 (0.15%) for the IT Services sector, one in 523.7 (0.19%) for Retail, one in 150.0 for Education (0.67%) and one in 328.6 (0.30%)for Finance.

Phishing Rate by Industry 2012

 

Most Recent Phishing Alerts: May-June 2012

The FraudWatch International Service posts daily updates covering all phishing alerts detected by their system. Listed below are the phishing alerts detected by this service within the last two months:

June 21, 2012 Bank of America – Bank of America: Security Alert
June 21, 2012 Guaranty Trust Bank – Update Your Details
June 21, 2012 HSBC Bank – HSBC: New Security Measures.
June 21, 2012 Commonwealth Bank Australia – CommBank NetBank: Account security Notification!!!
June 21, 2012 HDFC Bank – Important Security Notification :
June 21, 2012 Commonwealth Bank Australia – CommBank NetBank: Account security Notification!!!
June 21, 2012 Lloyds TSB Bank – IMPORTANT-Lloyds TSB Customer Service Alert.
June 21, 2012 Internal Revenue Service (IRS) – Your IRS Tax Refund Status
June 20, 2012 Littlewoods – Increased credit limit
June 20, 2012 CIBC Bank – Please verify your account
June 20, 2012 Littlewoods – Increased credit limit
June 19, 2012 AOL – Your Account Has Been Disabled
June 19, 2012 Australian Taxation Office (ATO) – Australian Taxation Office Update
June 19, 2012 Earthlink – Your EarthLink Account Will Be Deactivated
June 18, 2012 NatWest Bank – NatWest Bank Alert: Unauthorized Access On Your Account.
June 16, 2012 Citizens Bank – Update alert
June 15, 2012 NatWest Bank – ALERT
June 15, 2012 Kiwibank – New Message from Online Banking
June 15, 2012 Kiwibank – ALERT
June 15, 2012 Citizens Bank – Verify Your Citizens Bank Online Account
June 15, 2012 PayPal – Your account PayPal has been limited until we hear from you
June 15, 2012 Kiwibank – New Security Update
June 15, 2012 Chase Bank – Chase Online Service : Changes To Your Online Banking
June 15, 2012 Halifax Bank – Update the Billing Information
June 15, 2012 NatWest Bank – There Is A Deposit Payment On Your Account
June 15, 2012 Halifax Bank – New Message from Halifax Online
June 15, 2012 Bank of America – New Security Update
June 08, 2012 Chase Bank – Important Notice !!!
June 08, 2012 Chase Bank – Dear Chase Customer (JP Morgan)
June 08, 2012 Bank of America – Online Banking Update
June 06, 2012 Kiwibank – Alert! Urgent Security Notice
June 01, 2012 BankWest – New Message from Bankwest

May 21, 2012 HSBC Bank – Access temporarily suspended
May 21, 2012 Santander UK – Santander Online Banking service
May 20, 2012 PayPal – Update required for your account
May 20, 2012 ABSA – Incoming EFT Payment
May 20, 2012 Halifax Bank – Halifax E-mail Verification !
May 18, 2012 RBC Royal Bank – RBC Royal Bank: You Have (1) Unread Security Message
May 17, 2012 Westpac Bank – Westpac Online Alert
May 17, 2012 RBC Royal Bank – Important notice !
May 17, 2012 Capital One Bank – You have one new message at Capital One.
May 17, 2012 West Coast Bank – West Coast Bank ALERT New security update
May 16, 2012 NAB – National Australia Bank – You Have 1 New Secured Message
May 16, 2012 Westpac Bank – Form Number xxxxxxxx
May 15, 2012 ABSA – New security message
May 15, 2012 Capitec Bank – Attention: Online Security Notice
May 15, 2012 Bank of America – Bank of America Alert: Security Update – your action required
May 14, 2012 Citibank – Unauthorized Access Notice
May 14, 2012 Bank of America – Customer Service
May 14, 2012 Commonwealth Bank Australia – account notice
May 14, 2012 Corporation Bank – CORP BANK !!! Update Your Login Information For Your OTP Registration
May 13, 2012 Halifax Bank – Irregular activity on your halifax online Account
May 10, 2012 Kiwibank – Your Account Is Temporarily Limited
May 10, 2012 SNS Bank – SNS Beveiligingsupdate
May 21, 2012 Santander UK – Santander Online Banking service
May 20, 2012 PayPal – Update required for your account
May 20, 2012 ABSA – Incoming EFT Payment
May 20, 2012 Halifax Bank – Halifax E-mail Verification !
May 18, 2012 RBC Royal Bank – RBC Royal Bank: You Have (1) Unread Security Message
May 17, 2012 Westpac Bank – Westpac Online Alert
May 17, 2012 RBC Royal Bank – Important notice !
May 17, 2012 Capital One Bank – You have one new message at Capital One.
May 17, 2012 West Coast Bank – West Coast Bank ALERT New security update
May 16, 2012 NAB – National Australia Bank – You Have 1 New Secured Message
May 16, 2012 Westpac Bank – Form Number xxxxxxxx
May 15, 2012 ABSA – New security message
May 15, 2012 Capitec Bank – Attention: Online Security Notice
May 15, 2012 Bank of America – Bank of America Alert: Security Update – your action required
May 14, 2012 Citibank – Unauthorized Access Notice
May 14, 2012 Bank of America – Customer Service
May 14, 2012 Commonwealth Bank Australia – account notice
May 14, 2012 Corporation Bank – CORP BANK !!! Update Your Login Information For Your OTP Registration
May 13, 2012 Halifax Bank – Irregular activity on your halifax online Account
May 10, 2012 Kiwibank – Your Account Is Temporarily Limited
May 10, 2012 SNS Bank – SNS Beveiligingsupdate

As you see, the most affected brands hit by phishing attacks during May 2012 – June 2012 were Kiwibank, Bank of America, Chase Bank, Halifax Bank, PayPal and NatWest Bank.

 

Tips for Businesses to Avoid Phishing Threats and Identity Thefts

There is no one universal solution to keep your digital data safe and guard, so your approach to security must be multi-layered:

  • Use highly secure Extended Validation SSL Certificates for your websites.
    EV SSL Certificates offer the highest level of authentication and trigger browsers to give users a very visible indicator that the user is on a secured site by turning the address bar green. This is valuable protection against a range of online attacks.
  • Use DNSSEC to preserve the integrity of the Company domain name system (DNS).
  • Regularly assess Company websites for vulnerabilities.
  • Use digital signatures in your outgoing emails.
  • Ensure that your employees secure and protect their code signing keys if they hold digital certificates.
    Make it a rule to store keys in secure, tamper-proof, cryptographic hardware devices.
  • Ensure passwords are strong; at least 8-10 characters long and include a mixture of letters and numbers. Encourage users to avoid re-using the same passwords on multiple Web sites and sharing of passwords with others should be forbidden.
  • Educate your employees about the various ways in which hackers use social engineering as a way to persuade users to click on malicious links.
  • Ensure that your employees never disclose any confidential personal or financial information unless and until they can confirm that any request for such information is legitimate.
  • Ensure that your employees review their bank, credit card, and credit information frequently for irregular activity.
  • Ask your employees to look for the green browser address bar, HTTPS, and recognizable trust marks when they visit websites where they login or share any personal information.

For more tips on how to avoid phishing and identity thefts, read 5 Simple Rules that Can Protect You from Cyber Crimes. You can also learn how the EmailTray email client may protect you from spam and phishing.