A new study by research firm Gartner found that the number of online scams known as "phishing attacks" have spiked in the last year and that online consumers are frequently tricked into divulging sensitive information to criminals.

Long a nuisance, phishing scams (which use e-mail messages and Web pages designed to look like correspondence from legitimate online businesses) have exploded in the past year, Gartner says. The survey results suggest that 76 percent of all known or suspected phishing attacks occurred in the last six months, and 92 percent of known attacks happened in the 12 months preceding the study.

The study, which ended in April 2004, surveyed 5000 adult Internet users and found that around 3 percent of those surveyed reported giving up personal financial or personal information after being drawn into a phishing scam.

The results suggest that as many as 30m adults have experienced a phishing attack and that 1.78 million adults could have fallen victim to the scams.

Phishing attacks typically begin with e-mail messages purporting to come from established companies such as EBay, Best Buy, Citigroup, and others. Web page links within the e-mail messages direct recipients to websites disguised as official company pages where the recipient is asked to enter personal information such as their social security number, account number, password, or credit card information.

A success rate of 3 percent is plenty to encourage further attacks, Gartner says.

ISPs need to address the phishing problem to prevent the Internet and e-mail from being discredited as a medium for customer transactions, Gartner says.