Products & Releases

Email Service Provider Phishing Spikes, F500 And Gov Agencies With DNSChanger Latest

Despite jump, IID Q1 eCrime Report finds overall phishing decreased 2 percent
TACOMA, Wash. – May 8, 2012 – IID (Internet Identity®), a provider of technology and services that helps organizations secure their Internet presence, today released its Q1 eCrime Report that revealed phishing attacks impersonating email service providers increased 333 percent from Q4 2011 to Q1 2012. IID attributes this spike to spammers needing unsullied email addresses since many major spamming botnets have been shut down, and Internet service providers have become more successful at identifying and blocking email from botnets and other known spam sources. During the first quarter of 2012, spammers increasingly tried to hijack “good” email addresses at large webmail services by impersonating those email service providers and phishing for email account login credentials.

“Control of a legitimate email address is like spam gold for cyber criminals,” said IID President and CTO Rod Rasmussen. “It’s pretty simple why this has become such a valued currency. Filters built to combat botnet spam have a harder time blocking spam coming from legitimate email services and email addresses without a history of abuse.”

Despite the dramatic jump in email service provider phishing, other industries on average witnessed a decrease in phishing attacks. In fact, IID’s report found phishing attacks dropped two percent when comparing statistics from Q1 2011 to Q1 2012.

IID also revealed in its Q1 eCrime Report that 74 of Fortune 500 companies and five of what it considers “major” U.S. federal agencies still had at least one computer or router on their network infected with DNSChanger malware as of the end of March. The findings come ahead of the July 9th deadline, where the FBI will shut down servers that have allowed users whose computers are infected with DNSChanger malware to navigate the Internet.

DNSChanger changes the infected system's domain name system resolution settings to use formerly rogue servers that redirect legitimate searches and domains to malicious websites. Not only does DNSChanger redirect Internet connections, it also disables anti-virus software, opening individuals and organizations up for more malicious attacks.

Sources of data and background for the IID 2012 First Quarter eCrime Trends Report include IID's own security experts and some of the world’s leading security and Internet infrastructure organizations like ICANN (Internet Corporation for Assigned Names and Numbers) and APWG (Anti-Phishing Working Group). The report, along with past eCrime reports, can be found at

About IID

IID (Internet Identity) is trusted by five of the top six banks in the U.S., the largest government agencies worldwide, and many of today’s leading financial services firms, e-commerce, social networking and ISP companies to proactively secure themselves and their extended enterprise against the latest cyber attacks. It recently introduced a number of unique Internet infrastructure security solutions, protecting against always evolving security threats with ActiveTrust® BGP, ActiveTrust DNS, and ActiveTrust Resolver with TrapTrace. IID has provided anti-phishing, malicious software (malware) and brand security solutions since the company’s founding in 1996. With its extensive data, 24-7 security analysts and deep relationships with law enforcement, service providers and security experts around the world, IID is unrivaled in keeping the Internet safe and trusted for businesses. IID is headquartered in Tacoma, Washington. More information can be found at