The number of phishing attacks grew slightly during February, and there was also increased malicious software use, a group that monitors attempts at online identity theft said on Tuesday.
There were 13,141 unique phishing email messages reported to the Anti-Phishing Working Group (APWG) during February, up 2 percent on the number reported to the group in January. The number of phishing web sites supporting these activities rose 1.8 percent compared to the prior month to 2,625, according to the group. APWG compiles its data using information from ISPs (Internet service providers), network administrators, law enforcement agencies and individuals.
Phishing is a form of online identity theft that uses spoof emails and fraudulent Web sites, among other techniques, to lure people into divulging personal financial data such as credit card numbers, account usernames, passwords and, for example, social security numbers.
The average monthly growth rate of phishing emails from July 2004 through February was 26 percent, according to Peter Cassidy, the group’s secretary general, in a telephone interview.
“What’s scary is that we are seeing the numbers of servers being co-opted by scammers for criminal activities really jumping. It’s as if they are taking over more of the Internet infrastructure,” he said.
The financial services industry continues to be the main focus of scammers, with 78 percent of attacks targeting the customers of banks and other types of financial institutions, according to the group.
There was also a rise in the number of reports of keylogging and pharming, the group said, without giving details.
Keylogging involves using software to record keystrokes made on a computer and is commonly used to steal passwords. Pharming involves interfering with DNS (Domain Name System) servers to direct people to counterfeit banking or e-commerce sites when they think they are visiting a legitimate site.
The country hosting the most phishing Web sites in February was the U.S., followed by China, the group said.