10,000 Indian users targeted
Phishing, a form of Internet fraud, is on the rise, according to a report by Kaspersky Lab. In the aptly titled “The evolution of phishing attacks 2011-2013”, the company surveyed the number of Internet users who were facing these attacks. The study found that the number had grown from 19.9 million to 37.3 million, almost an 87 percent increase in the last two years. The survey used data gathered from 50 million Kaspersky Security Network users between 1 May 2012 to 30 April 2013 while comparing it to figures from the same period between 2011 and 2012.
Based on the June 2013 study, Facebook, Yahoo, Google and Amazon were seen as the main targets of cyber criminals, accounting for 30 percent of all registered attacks, while 20 percent of the attacks were registered for creating fake bank and other financial organisation’s websites. Other sites like American Express, PayPal, Xbox Live and Twitter came in the Top 30 most targeted sites, according to the report.
Top Ten countries attacked in 2012-2013
The rest of the study is equally worrisome. Between 2012 and 2013, phishers were seen launching attacks that targeted an average of 102,100 people worldwide each day, which were twice as many attacks as seen in the period between 2011 and 2012. The attacks target users mostly from Russia, the USA, India, Vietnam and the UK. Countries like Vietnam, the USA, India and Germany have come up with the most number of attacked users, with the total number having doubled since last year. On the other hand, the majority of the servers responsible for hosting phishing pages were found in the USA, the UK, Germany, Russia and India. The number of unique attack sources like fake websites and servers were thrice as much in the period between 2012 and 2013 when compared with the earlier year. When you crunch the numbers, around 10,000 Indian users were among the total number of users being targeted worldwide, everyday.
Countries that are hosting the most number of hostile servers
The survey also found that around 56 percent of all identified unique attack sources were based in just 10 countries, which technically means that attackers have a small set of home bases from which they launch their attacks. Phishing works by creating a fake copy of a popular site, for example, an Internet banking website or social network, which then tries to get users to enter their login information and passwords. This data, once entered, is immediately stolen by cybercriminals in charge of the fake website. Since the information ranges from personal information to bank details or important passwords, it’s easy to steal money and spread spam or malware with the compromised accounts, or sell the databases to other criminals.
While phishing has been considered a variation of spam emails for a long time, the survey has confirmed that the scale of the attacks is now massive. The study further found that phishing no longer relies on emails anymore, with only 12 percent of all registered phishing attacks being done via spam mailing. The other 88 percent came from links to phishing pages which users followed using a web browser, a messaging service like Skype or by interacting with the online sphere in any other way.[source:tech2]