JERSEY CITY, N.J. -- The Anti-Phishing Working Group recently reported that the number of unique phishing sites nearly tripled between March '07 and April '07. April's total unique phishing site count was 55,643, up from 20,841 in March. Further, compared to April of '06, this represents an increase of more than 5 times (11,121 in 2006 vs. 55,643 in 2007).
Phishing Web sites are social engineering attacks meant to trick visitors into divulging information such as user names, passwords and account numbers and the main force driving this dramatic spike is the exponential increase in the number of phishing sub-domains. Specifically, the latest development in phishing attacks is the creation of lots of sub-domains so that, rather than having just one phishing site, these fraudsters will have numerous sub-domains under the main phishing domain which helps them elude detection. In the event one or more phishing sites are detected and shut down, more remain online to threaten consumers. Consumers without means to authenticate these sites often fall prey to the scheme and have their financial and personal information stolen.
"These statistics are staggering, and these are just the reported phishing statistics," said Melih Abdulhayoglu, President and CEO of Comodo. "The phishers are becoming increasingly savvy, having essentially nothing to lose and everything to gain. Authentication technology is the best and only line of defense against these attacks, with EV SSL certificates leading the pack."