(LiveHacking.Com) – RSA has released some new figures about phishing attacks during the first half of 2012 and the news isn’t good. The number of phishing attacks rose again (for the fourth time), this time by 19% compared to the second half of 2011. In real terms this means that the estimated worldwide financial losses from these attacks alone amounted to over US$687 million.
The countries targeted by the attacks has remained unchanged with the top five being the UK, U.S., Canada, Brazil and South Africa. Although Canada occupies a spot in the top three, it has also seen some significant increases with phishing attacks increasing by nearly 400% in the first half of 2012. This is likely due to the economic health of the North American country, to put it simply fraudsters follow the money.
“The interesting part this time was the fact that the industry’s attack duration median (uptime), according to the Anti-Phishing Working Group, went down from 15.3 hours per attack to 11.72 hours per attack, thus somewhat curbing the monetary impact of each attack, even though attack numbers keep climbing,” wrote Limor Kessem. “Had attack medians remained the same, the monetary losses to phishing in 1H2012 would have exceeded US$897 million. Statistically speaking, this saved the world close to an additional 31% in money that could have been lost to phishing attackers.”
Phishing is, of course a crime, and it is perpetrated by fraudsters who can persuade victims to respond to a legitimate-looking email or click on a seemingly safe link. To do that, the attackers create emails to play on human emotions, it is a con. Although phishing is a modern crime for the Internet age, the forces behind it – manipulation, deceit and persuasion – are not.
With Internet users increasingly relying on webmail and social networking sites, successful phishing attacks to obtain access to Facebook or Gmail open the doors to many other avenues. If an email account is hacked by information used during a phishing attack then the attacker can reset passwords for other important accounts (PayPal, Amazon, Apple/iCloud etc). This is what happened to Mat Honan. The hackers managed to breached Mat’s iCloud account and then proceeded to reset all of Mat’s accounts and devices, they even sent remote wipe commands to Mat’s iPhone, iPad and MacBook.