Linux News: Internet Fraud: Scammers Back Off Favorite Tactic

Scammers Back Off Favorite Tactic - Phish Ain't Bitin'

By Jordan Robertson
AP
08/26/09 9:08 AM PT

An IBM security team says it's seen a "precipitous decline" in the amount of phishing emails it's observed. Phishers send official-looking email to victims and direct them to what appears to be the Web site of a bank or other trusted company. The site, however, is a forgery that steals personal info. It's been a favorite ploy in the past, but fewer people may be falling for it.

Internet criminals might be rethinking a favorite scam for stealing people's personal information.

A report being released Wednesday by IBM (NYSE: IBM) shows a big drop in the volume of "phishing" emails, in which fraud artists send what looks like a legitimate message from a bank or some other company. If the recipients click on a link in a phishing e-mail , they land on a rogue Web site that captures their passwords, account numbers or any other information they might enter.

IBM's midyear security report found that phishing accounted for just 0.1 percent of all spam in the first six months of this year. In the same period in 2008, phishing made up 0.2 percent to 0.8 percent of all spam.

'Precipitous Decline'

It's not clear what, if anything, the decline means. (It also doesn't appear to be a statistical illusion caused by an increase in other kinds of spam. IBM said overall spam volume hasn't expanded, like it did in years past.)

"That is a huge, precipitous decline in the amount of phishing," said Kris Lamb, director of the X-Force research team in IBM's Internet Security Systems (Nasdaq: ISSX) division, which did the report. But "I wouldn't tell anybody that phishing has died as a threat."

Lamb believes phishing might have fallen off because computer users are getting smarter about identifying phony Web sites. Security software is also getting better at filtering out phishing sites before Web surfers ever seen them.

It could also be that criminals are moving on from phishing to another kind of attack, involving malicious software. IBM said it is seeing more instances of "Trojan horse" programs, which are used to spy on victims.

Coming Home for the Holidays

Dean Turner, director of Symantec's (Nasdaq: SYMC) global intelligence network, who was not involved in IBM's research, said Symantec has also noticed less phishing, but warned that it could increase again later in the year. Phishing scams spike around the holidays, he said.

IBM found that criminals are changing the types of businesses they attack with phishing. Sixty-six percent of phishing targets were banks, down from 90 percent last year. Meanwhile, companies that handle online payments, like PayPal, are being mimicked in phishing messages more frequently.

To protect yourself against phishing, access sensitive sites on your own, rather than by following links in e-mails, which might lead to phishing sites.

Next Article in Internet Fraud

Social Security: Guarding Your Identity in Online Networks
August 26, 2009

Social networks are convenient for staying up to date with your friends' lives and keeping them in touch with yours. However, if you're not careful about the people with whom you're sharing your info, a studious scammer could learn enough about you to rip you off. Here are some pointers for safer socializing.

IBM	Activate Alert \| Search Archives

Internet Security Systems Inc	Activate Alert \| Search Archives

Symantec	Activate Alert \| Search Archives