The facts about phishing
Posted 25 October 2007 at 8:35AM by Simon Dickson in Internet security
A year ago, virtually all 'phishing' emails pretended to be from either PayPal or eBay. The two giants of online commerce responded with high-profile communication and education campaigns, which must have had some effect: the latest data from security specialists Sophos shows the bad guys are much less likely to try persuading you they're from the two big brands. The proportion claiming to come from PayPal and eBay has dropped from 85% to just over 20% - 'an impressive turnaround by anyone's standards,' says Sophos expert Graham Cluley.
Sadly though, this hasn't meant the decline of phishing. Each month, the international Anti-Phising Working Group identifies well over 20,000 malicious email campaigns playing on users' trust in well-known brands. In 95% of cases recorded in June 2007, the companies affected were in financial services; but the Group noted a growing trend for government agencies, such as the US and UK tax authorities, to be 'phished'.
Surprisingly, the Group's data shows a relatively small number of brands are affected by phishing: on average, about 160 per month. So whilst the Sophos data shows that the phishers are much less likely to mimic PayPal or eBay, there isn't yet much of a risk that your average small business will get 'phished'.
The same, unfortunately, can't be said for BT: but as we've noted here before, we never send emails asking you for personal or sensitive information. So if you do get such an email claiming to be from us, no matter how official it looks, it didn't come from us. End of.
Tags: anti-phishing working group, ebay, paypal, phishing, sophos
New feature: Rate this post!
Average rating: 3.9/5
Comments
2. At October 27, 2007 7:04 PM, Tanvir Ahmad wrote:
If ebay and paypal can spend money to promote awareness, why not BT? Whatever we read on magazines or newspapers or on a forum, there are people who have clicked on a link and gave out their details in the past and it will happen in the future. It's a global problem. I find it amusing that you are talking about phishing here but there is no warning message on the homepage. Its simple and don't think would cost BT a fortune, but will help those customers who do not have a clue about what they might get themselves into.
Too much to ask from the "leading communication service provider"?
3. At October 30, 2007 4:41 PM, charles darko asante wrote:
BT customers need to know about this and a better campaign to educate them needs to be carried out. Customers have been calling with this problem and they have to be reassured of the fact that the mails may have come from BT or otherwise, Educate customers in a better and effective way. Up to you BT.
4. At October 31, 2007 11:56 AM, anjanesh wrote:
it is easy to batter BT simply becasue it is an easy target ; but how many times has BT compromised cutomer's security (compared to ebay /paypal or any other site) ? one to one comparision should also include ebay or paypal's customer service then..
rather than berating about the problem suggesting practical solutions would be helpful here.
5. At November 1, 2007 5:10 PM, John C wrote:
I rather like the idea of someone phishing into my BT account - presumably to pay my phone bill?
Post a comment
As 14 days have passed, comments are now closed for this entry.
1. At October 25, 2007 12:13 PM, J G Dawson wrote: