Phishers going after small fry
Online fraud scams are increasingly turning their sights to credit unions, according to a new report.
While most of the fraud schemes still focus on big businesses such as major banks, smaller financial companies are increasingly being hit said the report, published Friday by the Anti-Phishing Working Group.
"Hackers are modifying their attack methods by shifting away from attacking popular or large institutions," the monthly report said.
Phishing is a prevalent type of online fraud that attempts to steal sensitive information such as usernames, passwords and credit card numbers. The schemes typically combine spam e-mail and fraudulent Web pages that look like legitimate sites.
The report covers trends in April, but a bigger jump in the number of credit unions targeted in phishing schemes was actually seen in May, said Dan Hubbard, a senior director at security company
The number of credit unions in phishing e-mails has been growing over the past months, Hubbard said. The total rose from three in February to 21 in May.
Phishers are likely targeting the smaller financial businesses because of countermeasures put in place by larger banks, Hubbard said. Also, the attackers may simply be expanding their hit list, he said.
In April, the number of phishing attempts reported to the Anti-Phishing Working Group rose to 14,411, continuing a trend of slight monthly growth this year. However, a small drop in unique phishing e-mails was reported, down to 3,930, from 4,100 in March.
Other trends noted by the APWG include another increase in the number of phishing Web sites hosted in China, which was home to 22 percent of the 2,854 active phishing sites reported in April. The country came a close second to the United States, where 26.3 percent of sites were hosted, according to the report.
China is gaining in popularity among phishers as more PCs in the country get connected to high-speed lines, Hubbard said. In addition, it is harder for victimized companies to get service providers to shut down sites there, he noted. "Anytime you go across borders, it becomes more difficult to perform takedowns," he said.