Text Message Phishing Attacks Drop in Q1 - New IID Report

TACOMA, Washington - June 17, 2010 - Internet Identity (IID), a provider of technology and services that help organizations secure Internet presence, today released its First Quarter Phishing Trends Report (www.internetidentity.com/news/in-the-news) that revealed text- to-phone phishing attacks (often called "smishing") dropped dramatically in the first quarter of 2010. According to IID, smishing attacks were down 62 percent from January to March, 2010 compared to the previous quarter. Despite the drop, the number of credit unions being impersonated in text-to-phone cases stayed the same, meaning these organizations were the most targeted by industry. In these attacks, cyber criminals impersonated companies by text message to try and lure victims to call a fake interactive voice response (IVR) system designed to steal vital personal data like logon information, account credentials, social security numbers and more.

Other findings of IID's fourth quarterly phishing report:

Cyber criminals increasingly posed as relief organizations to launch phishing attacks, claiming to help victims of recent disasters, like the earthquakes in Haiti and Chile

Phishing was increasingly used to carry out Internet Domain Name System hijackings, specifically with China's biggest search engine, Baidu.com (similar to the December 2009 hijacking of Twitter)

There was a significant reduction in the number of phishing attacks carried out by Avalanche, one of the most prolific cyber criminal gangs (responsible for two-thirds of the world's phishing attacks in the second half of 2009)

Conversely, non-Avalanche phishing attacks rose 14-percent from the previous quarter

The major share of phishing volume moved to targeting money transfer sites

"There were some encouraging trends in fighting phishing in the first quarter of this year, including reductions in the some of the worst online attacks. Despite that, problems continue, and we've seen a rise in devastating losses for small businesses which threatens to massively erode trust in online business banking," said IID President and CTO Rod Rasmussen. "In order to be one step ahead of these cyber criminals, organizations must actively detect, diagnose and mitigate such attacks 24/7, because cyber criminals don't sleep."

In 1997, IID discovered and disabled a phishing attack against AOL long before phishing became such a publicized problem. Since then, the company has been helping protect both company brands and consumer pocketbooks against such assaults. The entire IID 2010 First Quarter Phishing Trends Report can be found at www.internetidentity.com/news/in-the-news .

About IID

Internet Identity (IID) has been providing technology and services that secure the Internet presence for an organization and its extended enterprise since the company was founded in 1996. It recently started delivering the industry's first and only solution for detecting, diagnosing and mitigating domain name system (DNS) security and configuration issues for an organization and its extended enterprise. IID also provides anti-phishing, malware and brand security solutions for many of today's leading financial service firms, e-commerce, social networking and ISP companies, and more. IID is working hard to deliver solutions that help keep the Internet safe and trusted for businesses. The company is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.