One single criminal operation was responsible for two-thirds of all phishing” attacks in the second half of 2009 and is responsible for a two-fold increase in the crime, a report published by the Anti-Phishing Working Group (APWG) stated. Over the last three years, the Anti-Phishing Working Group’s semiannual Global Phishing Survey has become a widely cited source of information about the state of phishing and its effect on Internet users.

“Phishing,” is the process of attempting to acquire sensitive information such as user-names, passwords, social security numbers, credit card numbers and other personal and financial information by masquerading as a legitimate sender in an e-mail or other electronic communication. Messages that purport to be from popular social web sites, auction sites, on-line payment processors or web-site technical administrators are commonly used to lure individuals into responding. Phishing is typically done using e-mail or instant messaging, and messages usually instruct the reader to enter personal information at a fake website whose look and feel are almost identical to the one it mimics.

There were 126,697 phishing attacks during the second half of 2009, more than double the number in the first half of the year or from July through December of 2008, the APWG report said. Avalanche, which was first identified in December of 2008, was responsible for almost one-quarter (24%) of attacks in the first six months of 2009 and for almost two-thirds (66%) over the remainder of the year. Avalanche targeted more than 40 major financial institutions, online services, and job search providers.

The APWG report stated that, during the attacks, “ … target institutions, the relevant domain name registrar(s), a domain name registry, and other responders and service providers to all be aware of the campaign and working on mitigation at the same time …” Oddly enough, the very scope of Avalanche’s early coordinated attacks may have resulted in the greater ability of the Internet community to neutralize the group’s later efforts.

The Avalanche gang’s infrastructure was briefly shut down in mid November, and ever since then phishing attacks generated by the group have dropped precipitously. Last month, the gang was only able to launch 59 attacks.

Tags: id theft, LifeLock, phishing

This entry was posted on Friday, September 3rd, 2010 at 1:57 pm and is filed under Articles Concerning Identity Theft. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.