Tuesday, June 26, 2012

Phishing attacks on .in domain rising - - 22 JUn 2012

The India domain (.in), which was in the 10th position in spam distribution list last year, has now jumped to the 5th position, signalling the rise of .in URLs in spam.
Symantec’s latest analysis of the cyber threat landscape revealed this. The findings show that there has been a 187 per cent increase in phishing on Indian brands used in the .in domain in May 2012 over the previous month. And, all attacks were in the banking sector.
Banking threats are not new though. The attacks on the banking sector originated around the world. 

But Symantec’s May 2012 Intelligence report showed that Hyderabad hosted the second highest number of phishing attacks on Indian brands. It also topped the list of cities that hosted phishing sites in India of non-Indian brands followed by Nashik, New Delhi and Bangalore.

Thanjavur in the list

And Symantec experts found that Thanjavur, a small town in Tamil Nadu, also featured in the list for the first time.

The findings showed that spam had risen to 67.8 per cent and one in 568 emails identified as phishing.

On an average around 4,360 sites were blocked every day and one in 365 emails contained malware.

While highlighting the threat landscape, Symantec also did not fail to caution Internet users about spammers trying to cash in on the upcoming 2012 Summer Olympic Games.

“Lottery scams are on the rise. Tricksters might not just seek a large amount of personal data upfront, they might also use the official event logo to deceive the user of its legitimacy.”

Banking threats

With specific reference to banking threats, Symantec noted that with the growth in electronic banking channels, the level of sophistication in the threat landscape also grew.
“Particularly in India and emerging nations where banks are encouraging e-transactions as a new stream of revenue, banking threats are widely prevalent,” the report said.

The good news is that the Reserve Bank of India has proactively directed banks to beef up their information security and risk management posture, outlining 225 checks in seven categories to protect users’ information and money from cyber threats.

No comments: