Gartner: Victims of online phishing up nearly 40 percent in 2007

Share this article:
An annual study by Gartner will report that the number of consumers who were taken in by bogus online offerings increased by nearly 40 percent in 2007 over the previous year.

Gartner vice president and research director Avivah Litan told that the report will reveal that 3.2 percent of adults in the United States who said they received phishing emails this year lost money as a result of these scams, compared with 2.3 percent of the total in 2006.

Industry analysts estimate that the overall cost to consumers of online fraud is approaching $3 billion for 2007, compared with $2 billion in losses reported last year, while more than three million consumers have been victimized. This upward trend is expected to continue as phishing expeditions get more sophisticated and security upgrades play catch-up.

The Gartner report comes on the heels of warnings from top industry security experts that online shopping scams likely will mushroom into a major threat during the holiday season. Christopher Rouland, chief technology officer at IBM Internet Security Systems, told the Associated Press this week that online shoppers should be particularly wary of highly discounted one-use coupons that they receive via email, which may redirect them to a copycat site whose purpose is to steal their credit card data.

According to Rouland, the quality of malware deployed in these phishing schemes is “very high.” IBM reported that the “phish trap” email addresses it controls, which number more than one million, discovered about 867,000 scams in the third quarter alone.

Litan noted that scammers have been refining the social engineering in their phishing schemes, using enticing coupons and bogus online advertising to reel in unsuspecting consumers.

“The technology (to protect consumers) exists, but it is not widely deployed. The issue is who is going to pay for it,” she said.

Major online payment players like PayPal are moving aggressively to institute digitally signed email protocols to protect their users from burgeoning phish scams, according to Litan.

“Ultimately, the best protection is for the buyer to beware,” she said.
Share this article:

Sign up to our newsletters

More in News

DDoS attacks remain up, stronger in Q2, report says

DDoS attacks remain up, stronger in Q2, report ...

Prolexic's second quarter DDoS report noted the proliferation of shorter attacks that ate up more bandwidth.

Superman soars above fellow superheroes as most toxic search term

A McAfee study found that searches pertaining to Superman exposed users to the most infected websites.

Black Hat talk on Tor weaknesses canceled

Black Hat organizers say legal counsel for the Software Engineering Institute and Carnegie Mellon University nixed the session.