To see how these events are shaping thoughts and planning within enterprise environments, IID surveyed its clients who are leading enterprises on the threats from spear phishing, the more highly targeted form of phishing. More than 85 percent of respondents acknowledged some concern about spear phishing, with 33 percent saying that they are “extremely concerned.” Further, fully half of all respondents reported that their organizations had been victimized by spear phishing in the past year.
“Across the spectrum, there is a growing realization that criminals are becoming far more sophisticated in their targeting approaches, and that at the end of the day, organizations’ networks will be compromised,” said IID President and CTO Rod Rasmussen. “Our survey found that most people we talk with are already concerned, and our opinion is that if they aren’t, they sure should be.”
As an example of these more sophisticated marketing approaches to phishing, IID found that from April to June 2011 phishers increasingly used a technique called URL rewriting to target multiple legitimate domains simultaneously through compromised shared servers that host hundreds of unique URL’s at a single IP address. Compromising thousands of legitimate domains with good reputations in their attacks allows phishers to bypass many anti-spam measures and increase deliverability of their lure messages.
IID found the overall phishing increase quarter to quarter was a significant 11 percent. Yet since IID only counts one compromised IP address per phishing attack in its overall statistics, the actual increase in overall attacks if URL rewriting was to be included would be dramatically higher (more than 80 percent).
Other findings in IID’s report include:
In keeping with becoming savvy marketers, phishers utilized recent current events like Osama Bin Laden’s death, and the aftermath of the Japan earthquake and tsunami to lure phishing victims.
Criminals are targeting large e-mail service providers like Epsilon themselves in order to gain targeted account information and hijack their email infrastructure resources.
With all of the recent theft of login information, IID fears cyber criminals will increasingly try to re-use compromised IDs and passwords across Internet locations, since many logins are duplicated at multiple websites and corporate networks.
Sources of data and background for the IID 2010 Second Quarter eCrime Trends Report include IID's own security experts and some of the world’s leading security and Internet infrastructure organizations like ICANN (Internet Corporation for Assigned Names and Numbers) and APWG (Anti-Phishing Working Group). The report, along with past eCrime studies, can be found at www.internetidentity.com/resources/trend-reports.
IID (Internet Identity) has been providing technology and services that secure the Internet presence for an organization and its extended enterprise since the company was founded in 1996. It recently started delivering the industry’s first and only solution for detecting, diagnosing and mitigating domain name system (DNS) and border gateway protocol (BGP) security and configuration issues for an organization and its extended enterprise. IID also provides anti-phishing, malicious software (malware) and brand security solutions for many of today’s leading financial services firms, and e-commerce, social networking and ISP companies, and more. The company is working hard to deliver solutions that help keep the Internet safe and trusted for businesses. IID is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.