Portal Home | IS News Menu | Portal Menu | ISB Menu | Main Content
RSA's Fraud Stats for November 2006
18 Dec 08:26

Since the beginning of 2006, phishing has remained the most wide-spread online fraud technique however the AFCC has detected several cases of additional attacks such as Trojans.

The RSA Security fraud experts predict that the usage of more sophisticated fraud techniques will rise as financial institutions deploy anti-fraud and strong authentication measures, thus making phishing less effective.

Breakdown of global banking brands attacked by phishing

  • US - 68 per cent
  • UK - 14 per cent
  • Canada - 4 per cent
  • Spain - 4 per cent
  • Germany - 3 per cent
  • Australia - 2 per cent
  • India - 1 per cent
  • Italy - 1 per cent
  • Mexico - 1 per cent
  • Netherlands - 1 per cent

Trend Analysis
With fraudsters having paid relatively greater attention to institutions in Canada and Germany during November, there was a slight re-shuffling in the mix of countries coming under greatest attack. Namely, despite U.S. brands having typically comprised 75 per cent of the overall number of brands targeted by phishers, it fell nearly 10 percentage points - to 67 per cent - with Canada rising to the number three slot, up from 7th most attacked in October, and Germany also ticking up slightly.

Number of brands attacked per month

  • April 2006 - 93
  • May 2006 - 157
  • June 2006 - 171
  • July 2006 - 195
  • August 2006 - 162
  • September 2006 - 156
  • October 2006 - 149
  • November 2006 - 165

Trend Analysis
While the number of brands expectedly rose correspondingly with the total number of attacks - coming in at 165, second only to July's high of 195 - the majority of the increase in attacks came at the expense of brands already focused on by fraudsters. As with total attacks, the number of brands being hijacked is expected to increase in the final month of the year.

Segmentation of US banking brands attacked by phishing

  • Regional US banks - 48 per cent
  • US credit unions - 34 per cent
  • Nationwide US banks - 18 per cent

Trend Analysis
With several additional national banks being targeted in November, the percentage of nationwide FIs under attack doubled from October, jumping from 9 per cent to 18 per cent. That, while the FCU segment fell several points from October, coming in at 34 per cent, with Regional Banks remaining steady around 50 per cent of FIs attacked. As in previous months, the vast majority of credit unions and regional banks are targeted fewer than 5 times per month.

Upsurge in Phishing Attacks - New Phishing Scam Emerging
As has been widely predicted over the past several months - with the U.S. financial industry facing its year-end deadline in meeting the FFIEC security guidance - there has been a marked increase in both the number of unique phishing sites being used to wage attacks, as well as the type of attacks being used to garner valuable consumer credentials.

With the enhanced level of protective measures taking hold across the financial industry, fraudsters are stepping up the level of phishing activity prior to the deployment of additional layers of defense. They are doing so by mimicking the very efforts that financial institutions are implementing to better protect their customers. The latest scam involves a phishing email requesting customers to click on a link within the email and enter their username and password in order to register for, or upgrade to the bank's new security enhancement. However, users are actually directed to a spoofed site that collects their online banking credentials for future use by fraudsters.

The RSA Anti-Fraud Command Center has been monitoring and acting against this increase in overall attacks against financial institutions of all sizes, and in addition, has been working to identify the myriad of clever schemes being utilized by today's fraudsters.

Online fraud is evolving. Phishing and pharming represent one of the most sophisticated, organized and innovative technological crime waves faced by online businesses. Fraudsters have new tools at their disposal and are able to adapt more rapidly than ever.

Related links: (Open in a new window.)
External link www.rsasecurity.com

View Printable View printable version (opens in new window)
Back Back