ZDNetAsia : Printer Friendly - Phishers chase the well-heeled

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Asia.
--------------------------------------------------------------

Phishers chase the well-heeled

By Dawn Kawamoto
Friday, November 10 2006 09:28 AM
URL: http://www.zdnetasia.com/news/security/0,39044215,61966200,00.htm

People with high incomes attract more phishing e-mail messages and lose more money to them than other Internet users, according to a Gartner report.

In the past year, individuals who earn more than US$100,000 per year received an average of 112 phishing e-mail messages, the research firm said in the report released Thursday. For users in all income brackets, the figure was 74 phishing e-mail messages. Such messages appear to come from trusted sources but contain links to Web sites, such as fake banking sites, that try to trick people into handing over sensitive information.

While high-income users tended to click on bogus links less than others, their losses were greater when they were duped, the study noted. They lost an average of US$4,362 per incident--four times higher than people in other income categories.

"While we can't say phishers were targeting these people, we can say they did get more phishing e-mail than others," Gartner analyst Avivah Litan said. "It could be because of the lists they are on, which phishers find attractive. I've seen lists (on the Internet) where people are advertising platinum card holders' information."

The Gartner report said 109 million U.S. adults were subjected to phishing e-mail messages this year, up from 79 million last year and nearly double the level two years ago.

The average loss per person swelled to US$1,244 per victim this year, up from US$257 last year. Making matters worse is that the amount recovered this year dropped to an average of 54 percent of the loss, compared with 80 percent last year.

"Criminals are getting craftier, and many of the 'plain vanilla' attacks that would be done on banks are going away more and more," Litan said. "They're launching sweepstakes, lottery and gift card phishing attacks, where recovery is more difficult."

Looking at the future of phishing, Litan said she would not be surprised to see attackers begin to set up a single site to launch their attack against a single user and then shut it down. Phishers, for example, are maintaining their sites on average for about an hour, whereas a couple of years ago the sites would stay up for about a week.