-
November 11th, 2005, 03:09 PM
#1
Phishing Stats
Hey Hey,
I haven't seen this on here yet, so here we go.
http://www.ciphertrust.com/resources/statistics/
CipherTrust has posted the most common phishing scams on the net and the countries of origins, the data is from companies that use their IronMail Device.
Company % of Attacks
CitiBank 54.16%
Smith Barney 13.48%
SunTrust 10.02%
Paypal 7.57%
Wells Fargo 5.42%
HSBC 5.07%
eBay 4.15%
USBank 0.11%
CitizensBank 0.014%
Here are some of the top phishing scams this month as well.. courtesy o fthe SANS Ouch Newsletter.
1. Phishing Scams
Subject: Halifax Online Banking Update
Bait: Fake email asking you to confirm your account data by clicking on
the embedded link.
Goal: To have you visit the Phishing site and reveal your logon
information.
Sample: http://www.millersmiles.co.uk/report/1446
Subject: Armed Forces Bank Notice
Bait: Fake email asking you to confirm/update/verify your account data
by clicking on the embedded link.
Goal: Capture your Social Security number, your customer ID, and
password.
Sample: http://www.millersmiles.co.uk/report/1428
Subject: PayPal Special Department Notice (Anti-Fraud Alert 98760)
Bait: Fake email asking you to confirm/update/verify your account data by
clicking on the embedded link.
Goal: To have you visit the Phishing site and reveal your logon
information.
Sample: http://www.millersmiles.co.uk/report/1420
Subject: Bank of Oklahoma - Notice: Unauthorized Charge to Your Bank
Account
Bait: Fake email asking you to confirm or update or verify your account
data by clicking on the embedded link.
Goal: To have you visit the Phishing site and reveal your logon
information.
Sample: http://www.millersmiles.co.uk/report/1450
Subject: First Credit Union - Renew Your Account Information
Bait: Fake email asking you to confirm or update or verify your account
data by clicking on the embedded link.
Goal: Capture as much personal information as possible.
Sample: http://www.millersmiles.co.uk/report/1495
Peace,
HT
-
November 11th, 2005, 03:23 PM
#2
Hi, in that same SANS OUCH Newsletter, they had the following stats as well:
"...a list of the ten sites that were most often used for phishing."
(www.ciphertrust.com)
EBay
PayPal
Bank First
Amazon.com
Chase Bank
Wells Fargo
Bank of Oklahoma
Barclays Bank
Bank of America
People's Bank
-Deeboe
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War
http://tazforum.**********.com/
-
November 11th, 2005, 03:29 PM
#3
I have received one from 'Wells Fargo' and one from Pay Pal. The one from Pay Pal was poorly done but the one from Frontier was very well done.......except I have never had a Wells Fargo Bank account.
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
Author Unknown
-
November 11th, 2005, 04:00 PM
#4
Originally posted here by Deeboe
Hi, in that same SANS OUCH Newsletter, they had the following stats as well:
"...a list of the ten sites that were most often used for phishing."
(www.ciphertrust.com)
EBay
PayPal
Bank First
Amazon.com
Chase Bank
Wells Fargo
Bank of Oklahoma
Barclays Bank
Bank of America
People's Bank
-Deeboe
Which was the first half of my post :P.... that's where that came from as well.. I just went to ciphertrust and got the real numbers and order instead of their rearranged order.
Peace,
HT
-
November 11th, 2005, 04:58 PM
#5
That is true, however our lists were different.
You didn't have EBay, Bank First, Amazon.com, Chase Bank, Bank of Oklahoma, Barclays Bank, Bank of America, or the People's Bank on your list.
Just thought I would add to your already impressive list.
Thanks,
-Deeboe
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War
http://tazforum.**********.com/
-
December 20th, 2005, 06:20 PM
#6
Junior Member
Scam regarding Online banking
just received another one supposed 2 be from a german bank called "Volksbanken Raiffeisenbanken" (one of the bigger and well respected banks in germany btw)
funny thing is - appearently the phishing link in there leads 2 a static ip-adress + port ...
pardon me - past form would be more fitting
-
December 21st, 2005, 09:37 AM
#7
These stats are scary i currently live and work in Africa and you would not belive the amount of people around the office that got cheated out of some of their cache. It seems like a wide spread problem. Surly banks should take a fall for this or at least for part of the problem? I mean they would put in more resources to fight back. I know that Standard Bank here has started to warn customers and shutdown phishing sites that target them. I seem to recall a good article by Bruce Schneier Founder and CTO Counterpane Internet Security, Inc. on this subject. You could probably find it in one of the back issues of CRYPTO-GRAM.
-
December 21st, 2005, 03:16 PM
#8
Hey Hey,
AnimeRules: General if the dates are flashing in a thread, you don't post in them.. it usually means they are older threads.... Also your information would be better placed in the Phishing Examples thread... It's a long compilation of all the phishing/cyber scams that we see... You may want to add your message and the headers (sanitize them first) to that thread if you think it's an interesting message.
Peace,
HT
-
December 22nd, 2005, 12:56 AM
#9
HT:
When you see a poster that registered in 2003 and has 1 post to their name you should probably explain the word "sanitize"......
Just a thought.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
December 22nd, 2005, 02:52 AM
#10
Originally posted here by Tiger Shark
HT:
When you see a poster that registered in 2003 and has 1 post to their name you should probably explain the word "sanitize"......
Just a thought.....
good point heh
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|