UK users hit with 3,000 phishing attacks per day, says Kaspersky Lab

Phishing has supplanted spam as criminal subterfuge

UK Internet users were subjected to 3,000 phishing attacks per day in the year to April 2013, a small part of the swelling global tide of web-based fraud, Kaspersky Lab has reported using data from its own user base.

At around a million attempted attacks per year, this puts the UK in the middle of the pack as a target, accounting for 3.2 percent detected by the firm globally. In the previous year, the number of attacks ran at around 1,000 per day.

The most attacked countries were Russia, at 18.7 percent, the US at 12.2 percent, India at 9.9 percent, and Germany at 6.2 percent; the UK and France vied for fifth place with identical volumes.

All countries showed large percentage rises over 2011-2012, led by the US at 134 percent and India at 128 percent.

To be clear, these are attempted attacks, that is those detected by the firm presumably before they did any damage. They are also only those registered by consenting users from Kaspersky Lab alone. Therefore, the figures show only a fraction of the true scale of global phishing crime as detected by one security vendor.

In terms of the national picture, they must also reflect the countries in which Kaspersky Lab has the most participating users.

Kaspersky found that 1,739 firms whose sites were used (that is copied) as lures for the phishing scams, 250 more than the previous year. Predictably, banks made up 921 of these, although this doesn't include other types of financial firm such as credit cards and investment funds.

In the UK, the top non-bank sites that phishers copied were Facebook, Yahoo, Google and Amazon. In the US, Yahoo was still the most copied site, ahead of Facebook, Google and Amazon.

"The volume and variety of phishing attacks detected during the analysis indicates that phishing is not merely one tool among many for the illegal enrichment of fraudsters, but represents a significant and visible threat," said Kaspersky Lab research deputy CTO, Nikita Shvetsov.

"These attacks are relatively simple to organise and are demonstrably effective, attracting an increasing number of cybercriminals to this type of illegal activity."

Fascinating to report but the firm even noticed phishing attacks by criminals on other criminals, with 9,000 scams based on Liberty Reserve, the currency system heavily used by the underground until shuttered earlier this year.

Join the CSO newsletter!

Error: Please check your email address.

Tags Personal Techsecuritykaspersky lab

More about Amazon Web ServicesFacebookGoogleKasperskyKasperskyYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts