Phishers going after small fry
While most of the fraud schemes still focus on big businesses such as major banks, smaller financial companies are increasingly being hit said the report, published Friday by the Anti-Phishing Working Group.
"Hackers are modifying their attack methods by shifting away from attacking popular or large institutions," the monthly report said.
Phishing is a prevalent type of online fraud that attempts to steal sensitive information such as usernames, passwords and credit card numbers. The schemes typically combine spam e-mail and fraudulent Web pages that look like legitimate sites.
The report covers trends in April, but a bigger jump in the number of credit unions targeted in phishing schemes was actually seen in May, said Dan Hubbard, a senior director at security company Websense, which helped write the report. (Click here for PDF.)
The number of credit unions in phishing e-mails has been growing over the past months, Hubbard said. The total rose from three in February to 21 in May.
Phishers are likely targeting the smaller financial businesses because of countermeasures put in place by larger banks, Hubbard said. Also, the attackers may simply be expanding their hit list, he said.
In April, the number of phishing attempts reported to the Anti-Phishing Working Group rose to 14,411, continuing a trend of slight monthly growth this year. However, a small drop in unique phishing e-mails was reported, down to 3,930, from 4,100 in March.