qi-fense services give us an extra edge that we could not find anywhere else. Senior Agent, US Federal Agency
Phishing attacks and the financial losses they incur escalated in 2007, according to a survey conducted in August 2007 of more than 4,500 online U.S. adults. Companies with an online presence are also hurt by eroding consumer trust in e-mail messages, and the likelihood that trust in online advertising and social networks will similarly erode.
Key Findings
The number of online adults who definitely and/or think they received a phishing attack e-mail rose 118% in three years from a total of 57 million in 2004 to 124 million in 2007. The average consumer in this population received about 80 e-mails in the 12 months ending August 2007.
The percentage of individuals who said they received phishing e-mails and lost money as a result increased by about 1%, from 2.3% in 2006 to 3.3% in 2007. This is likely because the attacks are more targeted and are using more-devious social engineering techniques, so they are harder for consumers to detect.
Thieves are increasingly stealing debit card and other bank account credentials to rob accounts targeting areas where fraud detection is weaker than it is with credit card accounts.
Bank regulators appear to be "in the dark" when it comes to measuring damage from phishing attacks. Their enlightenment should spur more action to fight these growing attacks.
Recommendations
Enterprises should protect their own brands from being used in phishing attacks by subscribing to an anti-phishing solution. Custodians of consumer financial accounts should protect those accounts from phishing and other malware-based attacks through fraud prevention, stronger user authentication and transaction verification.