Anti-phishing group PhishTank, which is a service of openDNS and tracks phishing attempts on the Internet, offers information about phishing and ongoing scams, and offers an open API to developers looking to build phishing protection into applications, has released its phishing statistics for October 2006. Overall, the PhishTank community noted more than 7,000 suspected phishing attempts, of which almost 3,700 were verified and just under 900 were confirmed as invalid—most of the remaining sites went offline before community members could vote.
By this time, Internet users are used to hearing that many phishing sites—that is, sites which are designed to collect personal data and account information by posing as banks and other legitimate online businesses—are hosted in places like China, South Korea, India, and other locales outside the jurisdiction of U.S. and many government authorities. And it’s true, to an extent: in October, 14 percent of phishing sites confirmed by PhishTank were in South Korea, and 6 percent were in China. Brazil, Germany, and Great Britain each hosted four percent, while Russia, Japan, , Columbia, and Costa Rica tallied up three percent each.
But the global winner for hosting the most phishing sites during October, 2006, was far and away the United States, which served as home base for some 24 percent of identified phishing scams during the month. However, the largest single host for phishing sites was South Korea’s Hanaro Telecom.
According to PhishTank, the most frequent targets of phishing scames remain PayPal and eBay, but Barlays Bank PLC, Fifth Third Bank, and Germany’s Volksbanken Raiffeisenbanken rounded out the top five, followed by U.S. financial institutions Bank of America, Wells Fargo, Key Bank, JPMorgan Chase & Co., and Citibank.
