Social networks are increasingly becoming a favorite method of attack for phishers as they look for more efficient ways to reach potential victims, according to a newly released report.
Overall, phishing attacks rose 36 percent in the first quarter of this year compared to the same period in 2008, according to a sampling of banking brands used in MarkMonitor's Brandjacking Index report for January through April 2009. And more than 500 organizations worldwide were phished in the first quarter of this year, up 14 percent from the fourth quarter of last year, according to MarkMonitor.
Phishing attacks on social networking sites increased more than 240 percent compared to the same time last year, just behind attacks on payment services, which jumped a whopping 285 percent versus the first quarter of '08. "They exploit the trust one user has with another [on a social network]. There's a tendency to open up something from one of your 'friends' on these sites," says Frederick Felman, chief marketing officer at MarkMonitor. "This is the biggest innovation in phishing attacks since RockPHISH, and it's more social than technical exploitation. RockPHISH was an infrastructure play, but this is using someone else's infrastructure to spread the badness."