The volume of phishing attacks dropped in 2010 to less than a quarter of what was seen in the previous two years, according to IBM's annual research report on threats and risks. There was still plenty of spam, however.
IBM researchers aren't sure why phishing has waned, though the apprehension of a major Romanian phishing gang last May likely helped, says Tom Cross, a researcher at IBM. Cross says it may be that phishing isn't paying enough and that attackers are shifting their attention to something "more lucrative, such as ATM skimming."
Financial institutions and their customers remained the target of phishing attacks over half the time, according to the report. Other specific attack targets included auctions, online payments and government organizations.
The most popular subject line in a phishing attack, seen about 9% of the time, is "Security Alert -- Verification of Your Current Details." One of the weirdest, seen in 3% of attacks: "Welcome to Very Best Baking!" -- the typo makes the email look like an advertisement for a bakery.
The top countries or origin for phishing URLs are Romania at 18.8%, the United States at 14.6%, China at 11.3%, South Korea at 9.8% and the United Kingdom at 7.2%.
In tracing the origin of phishing emails, IBM research shows India is tops at 15.5%, Russia at 10.4%, Brazil at 7.6%, U.S. at 7.5% and Ukraine at 6.3%. IBM notes that the same four phishing-originating countries still dominate, only their relative positions have shifted slightly in the annual ranking, with Ukraine being a "newcomer" to the "top 10" phishing list for 2010.