- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Browser makers may have added new antiphishing features to their products in recent months, but the criminals are still gaining ground in their efforts to defraud U.S. consumers, according to the Gartner research firm.
Phishers have hit more victims with their online attacks, and while fewer people are losing money to phishers, successful attempts have been yielding bigger payoffs, said Avivah Litan, vice president and distinguished analyst at Gartner. "When they do succeeded, they're stealing five times more than they stole last year."
The average loss per phishing attack was $1,244 this year, Litan said, up from $256. Gartner estimates that the total financial losses attributable to phishing will total $2.8 billion this year.
And users who are taken in by phishing scams are less likely to recover their money, Litan said. In 2005, 80% of victims got their money back. This year, that number dropped to 54%.
Gartner estimates that 3.5 million Americans will give up sensitive information to phishers in 2006 -- up from an estimated 1.9 million last year.
Although the recently released Internet Explorer 7 and Firefox 2.0 browsers came with new antiphishing features, Microsoft and Mozilla are still playing catch-up with the crooks.
"It's still too early to know how effective [these new antiphishing features] are, but certainly that technology is a couple of years too late," Litan said.
Phishing filters are not working because attackers are moving around their phishing Web sites and making it very difficult for antiphishing tools to tell the difference between a computer that is malicious and one that is simply unknown, she said.
A year ago, the average lifespan of a phisher's Web site was one week. Now it's just a few hours. "In the next year or two it will probably be one server per e-mail," Litan said. "They're impossible to catch and take down."
Antiphishing expert Paul Laudanski agrees that these attacks are on the rise. Part of the problem, he says, is the fact that Internet service providers and the companies being spoofed by phishers are not doing all they could to share information and track down the criminals.
Often companies are reluctant to share information for fear that it may lead to lawsuits, said Laudanski, owner of Computer Cops LLC and the leader of the Phishing Incident Reporting and Termination squad project.
Rss FeedRss Feed
Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...
Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment