Skip to main content

Phishing Attacks Reach All-Time High

The Anti-Phishing Working Group, a pan-industry association aimed at eliminating identity theft and fraud through phishing, pharming, and email spoofing, is reporting November 2005 marked a new high in email fraud attacks (PDF), with the organization identifying nearly 17,000 unique phishing attempts and over 4,600 unique phishing sites active during the month. The number of unique phishing attacks was nearly double those identified during November 2004 and marks an all-time high.

Phishing attacks are attempts to steal sensitive or personally identifying information like credit card numbers, passwords, account numbers, and more, usually through a combination of social engineering and technical trickery. A typical phishing scheme will employ a “spoofed” email which appears to be from a bank, reputable company, or other institution requesting users verify or update their account information. Of course, the message is fake, and either transmits any collected information to a site controlled by the scammers, or (in a so-called pharming attack) directs users to a Web site which looks like the real institution, but is operated by the scammers solely to collect sensitive information. Once collected, these details are used to obtain unauthorized access to accounts or services, or sold to criminals for that purpose. Scammers also use Trojan horse programs and spyware to obtain sensitive information directly by scanning a user’s files and/or monitoring their keyboard activity.

Recommended Videos

The Anti-Phishing Working Group found that the number of brand names exploited in phishing attacks increased from 64 to 93 during the last year, and now more regularly includes names like Google, Apple, PayPal, and eBay in addition to large financial institutions and credit card companies.

Contrary to some popular belief, the AFWG found during November 2005 that nearly one third of active phishing sites were hosted within the United States with South Korea and China accounting for 11.3 and 8.04 percent respectively. Phishing sites remained online for an average of five and a half days, although some remained online and running for the entire month.

The APWG also found 165 unique password-stealing applications were active during November 2005, and more than 1,000 sites knowingly (or unwittingly) hosted password-stealing trojan horses. Phishing methods are also becoming more sophisticated, including programs which rewrite a computers DNS server information to route specific requests through rogue DNS servers operated by the scammers.

Geoff Duncan
Former Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Meta AI glasses leak tips one-eyed screen, Android soul, and high ask
Phil Nickinson wearing the Apple AirPods Pro and Ray-Ban Meta smart glasses.

Meta has tasted some unprecedented success with its Stories smart glasses, created in collaboration with Ray-Ban. The premise of a wearable device with onboard cameras, ready to take social media videos, coupled with an onboard AI assistant, has proved hot enough that Meta has even made high-fashion variants for the upscale market. 

What they have sorely missed so far, is an interactive screen. The next avenue for Meta is apparently putting a display on its fashionable smart glasses and taking their functional appeal to the next level. But that convenience will apparently come at a steep ask. According to Bloomberg, customers are in for a sticker shock worth a thousand dollars at the very least. 

Read more
Gmail just made your email security even better with simpler encryptions for all
Gmail inbox in Safari on a laptop.

Gmail is 21 years old today and for its birthday present it wants to give the gift of easier encryption for all.

This is a service that's aimed at companies in regulated industries to more easily encrypt their emails, no matter the recipient.

Read more
Google’s latest AI model, Gemini 2.5 Pro, is now available for all users
Gemini Live running on Google Pixel 9a.

Last yesterday evening, Google announced that its latest Gemini 2.5 Pro model is now available to all users. The latest version of Gemini is available in an experimental state, and you can try it for yourself by going to Gemini.Google.com. For now, this model is only available via the web, although Google says it's working on bringing it to the mobile app as quickly as possible.

Before trying it out, be warned that free users are subject to much tighter usage limits. Depending on your query, you can run out of allocated searches in only a few questions (for example, if you ask it to compare the cost of living of European Union nations.) For the best experience, Google recommends subscribing to Gemini Advanced.

Read more