C-Level Executive Phishing Attacks On The Rise - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
News
2/4/2008
01:13 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

C-Level Executive Phishing Attacks On The Rise

Meantime, the number of phishing campaigns overall fell for the second consecutive month, according to the Anti-Phishing Working Group.

Businesses and government agencies face a rising number of phishing attacks targeting high-level executives.

The Anti-Phishing Working Group on Monday said that in November the identities of 178 financial institutions and government agencies, a new record, were co-opted by phishers in an effort to dupe victims into revealing information. This represents a 2.23% increase from the previous high in April and a 48% increase from October.

At the same time, the number of phishing campaigns overall fell for the second consecutive month, dropping to 28,074 in November from 31,650 in October. The APWG attributes this decline in part to "eCrime gangs' increasing focus on targeted phishing attacks against key corporate personnel to secure credentials for theft against corporate assets."

"The attack surface is becoming increasingly fragmented as phishing groups identify and exploit technical and social-engineering opportunities to organize scams against financial institutions," said APWG secretary general Peter Cassidy in a statement.

The APWG is comprised of law enforcement organizations and industry. Many of the companies involved in the group profit from the sale of security products.

Last week, MessageLabs, a messaging security company unaffiliated with the APWG, issued a similar report. Mark Sunner, the company's chief security analyst, said there had been a rapid rise in the number of targeted phishing attacks. Many of these, he said, were being directed at C-level executives.

In 2005, MessageLabs detected two attacks per week involving targeted Trojans out of 1.5 billion messages. In 2006, it found one such attack per day out of 180 million messages. In May 2007, it saw 10 targeted attacks per day out of 250 million messages. In November, it was seeing 924 targeted attacks every five hours.

Laura Mather, senior scientist at MarkMonitor and managing director of operational policy for APWG, said in a statement that executives at companies are receiving specially targeted e-mail messages that attempt to install malware in order to gain access to corporate systems and bank accounts.

Also in November, China overtook the United States as the top phishing site host. The APWG said that 24.21% of phishing sites detected were hosted in China, compared to 23.85% in the United States.

This trend may further fuel worries about Chinese espionage, which the U.S.-China Economic and Security Review Commission called "the single greatest risk to the security of American technologies" in its November report to Congress. It's worth noting, however, that those behind phishing attacks are not necessarily located in the countries where their phishing servers can be found.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
IT Careers: 10 Industries with Job Openings Right Now
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/27/2020
Commentary
How 5G Rollout May Benefit Businesses More than Consumers
Joao-Pierre S. Ruth, Senior Writer,  5/21/2020
News
IT Leadership in Education: Getting Online School Right
Jessica Davis, Senior Editor, Enterprise Apps,  5/20/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Slideshows
Flash Poll