Phishers are increasingly targeting smaller financial institutions according to the latest research from the The Anti-Phishing Working Group, which is reporting a 42% monthly rise in the number of phishing attacks in January.
David Jevans, chairman, APWG, says the latest research shows that phishers are using advanced software to hijack larger arrays of Internet technologies and are at the same time using them to attack smaller banks.
Jevans says: "It could mean the counter-phishing systems that big banks have deployed are effective and the phishers are moving onto softer targets. It could mean the phishers have enough resources to target institutions in which the probabilities of getting a hit on a broad spam-based attack is relatively low."
The APWG says since the end of last year, it has been apparent that the phishers are still focusing on the financial sector but, within that, their attentions have been directed toward smaller firms, with even a state credit union attacked in the last month.
According to the latest stats, in January there were 12,845 new, unique phishing e-mail messages reported to the APWG. The number of phishing Web sites supporting these attacks rose even more dramatically, with 2560 unique sites reported in January, a jump of 47% over December (1740) and more than double the number reported just three months ago in October (1186).
The number of reported hijacked brands rose to 64 in January, including nine brands first reported in the month, eight of which are financial institutions. This comes after December's APWG report in which eight of nine other newly phished brands that month were also held by financial firms.