Phishing Attackers Diversify, Target Facebook Credentials

FBI warns of surge in spear-phishing attacks, says criminals seek more than bank credentials.

The FBI issued a warning Tuesday to consumers to beware a surge in spear-phishing attacks aimed at stealing intellectual property, financial credentials and personal information, often for the purposes of faking someones identity. Separately, a security firm warned that in the past year, the volume of phishing attacks more than tripled.
Increasingly, fake -- but often real-looking --
phishing emails
come personalized. Often, the e-mails contain accurate information about victims obtained via a previous intrusion or from data posted on social networking sites, blogs, or other websites, said the
bureaus warning
. This information adds a veneer of legitimacy to the message, increasing the chances the victims will open the email and respond as directed.
Internet users today are much more likely to encounter a phishing website than even just two years ago. According to Googles
Transparency Report
, as of June 9 the search service
detected 108,225 phishing sites
, up from the 9,264 it detected on May 23, 2010.
[ Mozilla plans to start blocking some tracking cookies in its Firefox browser. Read more:
Firefox Advances Do Not Track Technology
. ]
Spear-phishing awareness campaigns notwithstanding, the attacks are notoriously difficult for businesses to block. Victims have included
security firm RSA
, the
White House
and
numerous defense contractors
.
As the quantity of attacks has increased, so has the list of targeted data. Historically, many phishing attacks launched for criminal purposes have focused on stealing financial details from consumers and businesses so that gangs could
drain money from bank accounts
. But today, just 20% of all phishing attacks were disguised to look like theyve come from a legitimate financial services organization, according to Kaspersky Labs recently released report,
The Evolution of Phishing Attacks.
Kaspersky Labs report is based on data gathered anonymously -- between May 1, 2012, and April 30, 2013 -- from 50 million individual Windows users. Comparing data gathered in that timeframe to the prior 12 months, the security firm found that the number of distinct phishing attack sources tripled, and that 87% more people were targeted than before.
Of all the sites emulated by attackers, 30% were search and email services, followed by social networks (20%), banks and financial institutions (12%), IT company sites (8%), gaming sites (7%), online shopping and auction (7%) and payment services (6%). In the United States, the site most often emulated by phishing attackers was Yahoo, followed by Facebook, Google, Amazon.com, Wow-Europe, Microsoft, AOL, American Express, an unnamed bank and Twitter.
According to the study, the people most often targeted by phishing attacks resided in Russia, the United States, India, Vietnam and the United Kingdom. Meanwhile, the majority of phishing attacks were launched from the United States, followed by the United Kingdom, Germany, Russia and India.
The FBI recommends that anyone who falls victim to a phishing attack file a complaint with its
Internet Crime Complaint Center
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Phishing Attackers Diversify, Target Facebook Credentials