Gartner: Victims of online phishing up nearly 40 percent in 2007

Share this article:
An annual study by Gartner will report that the number of consumers who were taken in by bogus online offerings increased by nearly 40 percent in 2007 over the previous year.

Gartner vice president and research director Avivah Litan told that the report will reveal that 3.2 percent of adults in the United States who said they received phishing emails this year lost money as a result of these scams, compared with 2.3 percent of the total in 2006.

Industry analysts estimate that the overall cost to consumers of online fraud is approaching $3 billion for 2007, compared with $2 billion in losses reported last year, while more than three million consumers have been victimized. This upward trend is expected to continue as phishing expeditions get more sophisticated and security upgrades play catch-up.

The Gartner report comes on the heels of warnings from top industry security experts that online shopping scams likely will mushroom into a major threat during the holiday season. Christopher Rouland, chief technology officer at IBM Internet Security Systems, told the Associated Press this week that online shoppers should be particularly wary of highly discounted one-use coupons that they receive via email, which may redirect them to a copycat site whose purpose is to steal their credit card data.

According to Rouland, the quality of malware deployed in these phishing schemes is “very high.” IBM reported that the “phish trap” email addresses it controls, which number more than one million, discovered about 867,000 scams in the third quarter alone.

Litan noted that scammers have been refining the social engineering in their phishing schemes, using enticing coupons and bogus online advertising to reel in unsuspecting consumers.

“The technology (to protect consumers) exists, but it is not widely deployed. The issue is who is going to pay for it,” she said.

Major online payment players like PayPal are moving aggressively to institute digitally signed email protocols to protect their users from burgeoning phish scams, according to Litan.

“Ultimately, the best protection is for the buyer to beware,” she said.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.