The messages were first spotted in Israel by security vendor Fortinet Inc., which reported Friday morning that security appliances at its customer sites had recorded 46,000 hits by the phishing wave. Based on the number of attacks and the speed at which they're spreading, Fortinet said this phishing attack ranked in the top 10 of all time. Fortinet said it recorded 12,000 hits in the first two hours after the first one was detected Thursday evening.
"On a scale of 1 to 10 on creativity, this one is high up on fooling users," says Patrick Nolan, virus researcher at Fortinet. "But after the first click, it brings on text looking like any other phishing attack." He thinks the hackers are working hard to spread the attack quickly, because Fortinet usually sees only a couple of thousand phishing messages. "This far surpasses the common mass mailings we see," Nolan says.
"The best attacks are the ones that look real, like this one," says Pete Lindstrom, founder and analyst at Spire Security. But the large number of phishing messages being sent out made this attack easier to spot. Lindstrom notes that eBay no longer asks customers to provide information using links within E-mails and instead uses other channels to communicate with them.
The emphasis on making the Web easy to use is helping to fuel the boom in phishing and spyware, he says. "We've decided so far to forego validating sources and building out trusted directories" in favor of easy links that people can just click on.