Email scams such as phishing attacks are now at the same level as adult-related spam mail and are growing at a faster rate, new data has revealed.
Since the beginning of this year, the number of phishing scams has risen from 1pc to 8.3pc of the total volume of spam in circulation, according to the latest figures from the global team of SurfControl Threat Experts. The company found that the number of emails generated between January and June, attempting to con recipients into handing over sensitive personal information, now equals that of adult spam.
A phishing scam is a type of social engineering attack that dupes recipients into revealing their online banking passwords, credit card details or other confidential information, which is usually financial in nature. In such cases, users receive a message that appears to come from their bank and this will often ask them to visit a website to confirm their login details. The message often directs them to a fake webpage that resembles the genuine banking site; the page captures the user’s passwords that can then be used by the fraudsters to access their victim’s account.
Over the past year, there have been versions of these scams directed at customers of the Irish banks AIB, Bank of Ireland and the credit card provider MBNA. The attacks are indiscriminate in that the criminals have no way of knowing that every recipient will be a customer of these banks, but as with spam emails, the senders only need a small percentage of successful replies in order to make a profit. The gardai previously indicated that some Irish citizens have been defrauded of money as a result of phishing attacks.
Commenting on the survey findings, Steve Purdham, chief technology officer at SurfControl said: “As spam-filtering technology becomes more comprehensive, fraudsters are becoming more devious in their techniques, using phishing attacks as an alternative source of commercial gain to previous spam campaigns that peddled cheap finance, herbal remedies, adult content and so on.”
Purdham claimed the threat is as much a risk to individuals as it is to businesses at large. “We have seen the widespread use of tactics that facilitate identity fraud as well as spyware that leaks sensitive company data,” he added. Purdham called for more to be done to educate all internet users, whether consumers or workers, about the risks in addition to the practices that they can implement to avoid being conned.
By Gordon Smith