A sharp increase in phishing attacks sees criminals target financial organisations, according to a report released today.
The intelligence report, from MessageLabs, found that 54 percent of malicious emails intercepted in September were phishing attacks - a 24 percent increase since August when only 30 percent were emails of this nature.
The research shows the focus of targeted attacks has shifted to banking organisations without two-stage authentication security measures. The independent approach, used by many financial organisations, has contributed to the rise in phishing directed against those without such technology.
The growth of social networking sites including MySpace has also added to the number of attacks where criminals mop up the personal data available to target their emails. Furthermore phishing has become localised with the use of complex alphabets such as Hebrew, which penetrates the less sophisticated filtering mechanisms.
Mark Sunner, CTO of MessageLabs, said the report highlights the contamination of email traffic making business communications unworkable in the absence of next generation filtering.
"This continuing escalation in phishing attacks and the augmented focus on banks who have not adopted new security technology shows the end user is increasingly exposed to complex and well engineered attacks," he said. "The information available on sites such as MySpace is playing into the criminals hands. These websites are naïve to the threat out there at the moment and have a duty of care to do more to protect their users."
The research also found malicious users are adopting "geek spam" techniques to dupe traditional IT security. Sixty-four percent of emails processed by MessageLabs in September was spam, which increasingly targets technology workers using email buzzwords to trick recipients into thinking it's a relevant document. The hidden words pollute the Bayesian filters and pass through traditional anti-spam software.
The September/Q3 MessageLabs Intelligence Report is a worldwide study.