Crime syndicates have widened their targets for online fraud beyond big banks and retailers to all brands.
The number of hijacked brands hit a record 365 in October 2009, a rise of 4.4% from the previous high set just two months earlier, according to figures released by anti-phishing organisation APWG.
Overall, numbers of phishing attacks fell between August and December 2009, but this was not a cause for celebration, as the number of targeted phishing expeditions pinpointing individual high net-worth targets, such as people with treasury authority, grew. Although they were low in number, they were potentially high in damage.
Mel Morris CEO at Internet security specialist Prevx said that there was another potential security minefield not covered by report. In particular, the risks people open up by using common log-ins and passwords across websites.
“Criminals will use a variety of techniques to acquire information and credentials such as logins, date of birth, mother’s maiden name, social security numbers and a home address. Like a simple jigsaw puzzle, once a few pieces of information have been gathered, the picture soon appears and criminals can easily fill in the gaps….This is why security is now very much about completely protecting people’s information, at all times, and on all websites,” said Morris.
