Computer Crime Research Center

images24.jpg

Phishing Scams: Statistics from mi2gIntelligence Unit

Date: April 15, 2004
Source: Computer Crime Research Center
By: Timofey Saytarly

Recently many banks all over the world encountered variety of frauds and scams committed by hackers, swinlders and inside bank officials. But the most spread kind of crime against banks and especially accounts' owners is a so called 'phishing scam'. This scam is always entailed by usual spam. Artists try to trick consumers into giving up credit card information by posing as mail from regulations.gov, the government Web site where citizens comment on federal rule-making.

The phishing e-mails typically have subject headings of 'Official information' or 'Urgent information to all credit card holders!' and claim that recent changes in the law require that Internet users identify themselves to the federal government to create a secure and safer Internet community.'

Like other phishing scams, the e-mail includes a link to a bogus Web site, which in this case closely resembles regulations.gov. Once there, users are asked to enter private and personal financial information, including credit card numbers.

Phishing expeditions can be a financial windfall for attackers, since some analysts' estimates put the success rate of such bogus e-mails at about 1 in every 20 recipients.

The most recent major outbreak of phishing attacks was between the summer of 2003 and January 2004, when Mimail and host of copy-cats tried to trick users into giving up credit card information by masquerading as messages from PayPal, eBay, and other major companies and banks.

Here are some frightening figures concerning these computer crimes.

Global Victims
The list of major banks that have been targeted by phishing scams so far include:

USA banks targeted (12 banks; 90 incidents)
American Express (11),
Bank of America(1),
Banknorth Group (1),
Bank One (1),
Citibank (60),
First Union Bank(1),
First USA (1),
Fleet Bank (5)
MBNA (1)
US Bank (1),
VISA (5),
Wells Fargo (2)

UK banks targeted (8 banks; 12 incidents)
Bank of England - Central Bank (1),
Barclays Bank (3)
Halifax Bank of Scotland (1)
HSBC (2),
Lloyds TSB Bank (2),
Natwest Bank owned by the Royal Bank of Scotland (1),
Nochex (1),
Smile Bank part of Co-operative Bank (1)

Australia &New Zealand (6 banks; 25 incidents)
Australia and New Zealand (ANZ) Banking Group (12)
Bendigo Bank (1)
Commonwealth Bank ofAustralia (3)
National Australia Bank (3)
St George Bank (1)
Westpac Banking Corporation (5)

Switzerland (1 bank; 1 incident):
Basler Kantonalbank (1)

Hong Kong and Singapore (3 banks; 3 incidents):
DBS Bank (1)
BEA (1),
Hong Kong Bank (1)

Statistics from mi2gIntelligence Unit. Unique Incidents specified in brackets.


Add comment  Email to a Friend

Discussion is closed - view comments archieve
2005-07-14 19:49:18 - i completely agree macdaddy
2005-07-14 19:48:29 - I agree. mac daddy
Total 2 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo