Symantec observed a 45 per cent decrease from the previous month in all phishing attacks, according to its September State of Phishing report.
The numbers indicate that there is some decline observed in total phishing volumes in 2009 over 2008 in the reporting period, Symantec said.
According to security solutions provider, there could be many factors behind the decrease rate: a large toolkit attack targeted towards a popular social networking site was discontinued in August. Other factors include improved phishing mitigation tactics applied by the ISP, security vendors, cyber law enforcement and so on; and even an increased awareness among Internet users.
Symantec, however, warned that actual volumes in phishing could be considered only after the upcoming holiday season.
Main Findings
The report highlighted the following details.
▪ 30 per cent of phishing URLs were generated using phishing toolkits; a decrease of 74 per cent from the previous month.
▪ There was an 11 per cent increase from the previous month in non-English phishing sites.
▪ More than 111 Web hosting services were used, which accounted for 11 per cent of all phishing attacks; a decrease of four per cent of total Web host URLs when compared to the previous month.
▪ Symantec identified an increase in a phishing tactic used in an attack targeting a popular e-mail client application.
State of Spam
In its September State of Spam report, Symantec observed that overall spam volumes averaged at 87 per cent of all e-mail messages in August 2009.
“Health spam decreased again this month and averaged at 6.73 per cent, while over 29 per cent of spam is Internet-related spam,” the report noted. “Holiday spam campaigns have begun leveraging Halloween and Christmas, following closely after Labour Day-related spam.”
