Number of phishing sites continues to mushroom

The number of phishing web sites, which mimic legitimate online businesses to steal credit card accounts and other confidential data through fraudulent e-mail messages, rose 289% year-over-year in April to 11,121 sites, most of them from the U.S. and China, though they are also known to be based in the Republic of Korea, Japan, Germany and five other countries, the Anti-Phishing Working Group reported.

Those sites supported a 21% year-to-year increase in the number of April phishing e-mail reports, to 17,490 from 14,411 in April 2005, the APWG said.

The number of brands hijacked in April phishing attacks rose 16% year-to-year, to 92 from 79.

The number of web sites hosting “keyloggers,” or malicious code that can steal passwords and other data after downloading to legitimate web sites from e-mail attachments, rose more than 10-fold in April to 2,683, up from 260 in April 2005, the APWG said. Most keylogger host sites are in the U.S., but they are also known to reside in Spain, China and six other countries, it added.