Text-to-phone phishing attacks saw significant a drop in the first quarter of 2010, decreasing 62 percent compared to the previous quarter, according to a new report from security firm Internet Identity (IID).
Even with the drop, the number of credit unions being spoofed in text-to-phone cases stayed the same, meaning these organizations were the most targeted by industry. In these attacks, cyber criminals impersonate companies by text message and try to get people to call a fake interactive voice response (IVR) system designed to steal account information.
"There were some encouraging trends in fighting phishing in the first quarter of this year, including reductions in the some of the worst online attacks. Despite that, problems continue, and we’ve seen a rise in devastating losses for small businesses which threatens to massively erode trust in online business banking," said IID President and CTO Rod Rasmussen.
"In order to be one step ahead of these cyber criminals, organizations must actively detect, diagnose and mitigate such attacks 24/7, because cyber criminals don’t sleep."
Other findings of the report include:
*Cyber criminals increasingly posed as relief organizations to launch phishing attacks, claiming to help victims of recent disasters, like the earthquakes in Haiti and Chile
*More and more, phishing was used to carry out Internet Domain Name System hijackings, specifically with China’s biggest search engine Baidu.com (similar to the December 2009 hijacking of Twitter)
*The major share of phishing volume moved to targeting money transfer sites