Banks See Surge in Phishing Attacks

Banks have seen enormous growth in the volume of phishing e-mails in the six months to September, compared with the same period last year, according to a new report from online brand monitoring specialist Envisional. The Cambridge-based company’s sampling identified nearly half a million separate phishing emails sent to bank customers in the six-month period, with more than 170,000 in June alone (up 117% on June 2007). As the world hovers on the brink of financial meltdown, bank customers are prime targets for criminal opportunists. Envisional’s tracking shows the overall volume of phishing emails sent to bank and insurance company customers was nearly 40% up on 2007. Between April and September, Envisional saw 460,000 distinct emails sent out by fraudsters trying to trick consumers into giving away their passwords, PIN codes and identity details. Many of these messages will have been spammed to thousands of mailboxes, taking the total number of potentially fraudulent emails well into the billions. The new research also highlights the seasonal nature of phishing activity, with a surge of phishing in the first half of the six-month period, easing off over the August holiday season and building up again towards the end of September. Targeting strategies shift, too. In June, the researchers saw a total of 135,000 phishing emails aimed at customers of the most-phished bank, representing 80 per cent of all those identified that month. But July’s tactics were sharply different. Two major banks were targeted, one being on the receiving end of 32,000 phishing mails captured in Envisional’s spam traps and the other being hit by 21,000. “Early figures for October suggest we will see an increasing number of phishing attacks on UK banking customers this autumn,” says David Franklin, Envisional’s general manager. “The 40% increase in phishing spam observed over the summer may be just the beginning. In these turbulent times, banks must be alert round the clock and ready to move fast to protect themselves and their account holders.”


Related reading