ID threat as phishers continue UK assault

UK is world's second-biggest phishing target

By Tash Shifrin, Computerworld UK | 19 November 07

The UK is a global phishing hotspot according to security firm RSA, even though just 3 percent of worldwide attacks originate here.

Related Articles

RSA's Anti-Fraud Command Center for October shows that the UK is the second biggest target for phishing attacks on banks, with UK financial institutions taking a 16 percent share of those attacked worldwide. The UK has been second on the list for nine months in a row, with the the US, which has a 60 percent share, the world's number-one target.

The US also hosted 47 percent of the attacks logged in October, with China second on 22 percent. Just 3 percent of attacks originated in the UK.

RSA also warned that phishers have now begun to use Internationalized Domain Names (IDNs), which can be used to produce an effective spoof of a genuine bank website.

IDNs are domain names or web addresses that use local language characters, such as Cyrillic. This means a fraudster can use characters in one language to construct a URL that looks exactly like another.

RSA warned: "For example, Unicode character U+0430, Cyrillic small letter a ("a" ), can look identical to Unicode character U+0061, Latin small letter a, ("a" ) which is the lower case "a" used in English. Therefore, a spoofed phishing domain which is based on an IDN can look exactly like a genuine bank's domain written in standard ASCII code."

For more PC security reviews, news and tutorials, see PC Advisor’s Security Advisor site.

Share this article

Comments

erdie said: In hotmail they now have a button marked report phishing scam I wonder what they do with these as I have been sending about 10 a day lately The only problem is that this tabbutton is only available in the junk mail folder surely they should have thought about putting in the ordinary inbox folder One of the most important things to look out for when recieving mail from your bank is to make sure they have put your name in the email if this is missing that is a big signpost that it is not from them

Dicky said: Everyone should now be aware that receiving any email from their Bank to check with their bank firstIf it is from any other bank on any subject to ignore this and delete it Phishers are after the gullable DO NOT BE GULLEDgt

Send to a friend

Email this article to a friend or colleague:

Recipient's name *

Recipient's email *

Your name *

Captcha *

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.