Phishing occurs when a fraudster sends an e-mail that contains a link to a fraudulent web site where users are asked to provide personal account information. The e-mail and web site are usually disguised to appear to recipients as though they are from a trusted service provider, financial institution or on-line merchant.
Thousands upon thousands of messages are sent out relating to each phoney web site – called "baiting" sites by the APWG.
According to the industry group's latest Phishing Activity Trends Report there were 2,560 unique sites reported in January – a jump of 47% over December (1,740) – and more than double the number reported just three months ago in October (1,186).
Altogether there were 12,845 new, unique phishing e-mail messages reported to the APWG in January, an increase of 42% over the unique reports for December.
The main target for these attacks still seems to be the banking and financial sectors.
According to APWG, in January, the number of reported hijacked brands rose to 64, including nine brands reported for the first time – eight of which related to financial institutions. In total, says the AWPG, 140 brands have been hijacked since the group began examining phishing trends.
"The APWG has been monitoring phishing attacks since late 2003 and the identity of the prime targets varied little for over a year. Since the end of last year, however, it has been apparent that the phishers have been focusing on the financial sector and, within that, their attentions have been directed toward smaller institutions; even a state credit union was attacked, in the last month," said APWG Secretary General Peter Cassidy.
Phishers also seem to be taking advantage of ever-larger numbers of compromised PCs in launching their attacks.
According to the report, non-port-80 hosted sites (used by phishers to evade filters) now account for almost 10% of all phishing sites.
"The rise in non port 80 hosted sites and the number of sites which are hosting phishing attacks continues to lead us to believe that the number of machines that are compromised and are being used to host these attacks is growing," reports the APWG.