Number of e-mail phishing sites rises 180% year-over-year

The number of phishing web sites designed to steal consumer passwords, credit card account numbers and other data through e-mail scams rose to 27,221 in January, up 180% from a year earlier, the Anti-Phishing Working Group reports.

The January 2007 figure was down from a 2006 peak of 37,444 phishing sites in October. The peak period continued through November, with 37,439 phishing sites, before tapering off to 28,531 in December.

The APWG, which released its “Phishing Activity Trends” report for January on March 20, also reports that the number of brands hijacked in e-mail phishing attacks hit a peak last year of 176 in October; the January 2007 total was 135, up from 101 in January 2006.

Phishing attacks often use well-known brands in e-mail messages to lure consumers to web sites that are designed to look as if they belong to the same brands, but instead are fraudulent sites used to steal consumers’ personal information. Financial services companies were the targets of 88.9% of phishing attacks in January 2007, followed by Internet service provider sites, 4.4%, and retailers, 2.2%, the APWG says.