According to the estimate of RSA, the total number of phishing attacks in 2012 were around 445,004. This was up 59% from the previous year’s number of 279,580 and estiamted to have created a loss of around US$ 1.5 billion (Rs 7500 crores). The financial loss is an estimated 22% higher than the previous year.
Apart from the growth, the sophistication of the attacks also seem to have increased. While “Spear phishing” where specific persons are targetted is already known, a new technique that has evolved is a “real time filter” that allows only the attacked person to visit the phishing websites and bouncing others. This also means that security agencies trying to take down phishing sites would be warded off with a 404 error page and it becomes difficult to eliminate such sites quickly. These “bouncer Phishing Kits” developed by the malware manufacturers uses a target e-mail list and creates unique URLs for phishing which are accessible only by the targetted email link. Everybody else would receive a bouncing message.
This development has to be now factored in by the “Anti Phishing” security mechanisms. …Related Article
Naavi
