Microsoft SIR: Phishing Sites Targeting Financial Institutions
Phishers go where the money is.
Taking another look at Microsoft's Security Intelligence Report volume 13 for the time period between January and June of 2012, when it comes to phishing Web sites, sites that target financial institutions and customers accounted for a large majority of viewed attempts.
Makes sense. Malware spreaders want to make money, and the best way to do that is to infect the PCs of those that have the most access to sensitive financial information. At its peak in January, active phishing sites targeting the financial sector accounted for more than 70 percent of all phishing sites observed by Microsoft.
While the margin is wide between it and the second-place target of social networking sites (hovered around 5 percent at the beginning of the year), Microsoft observed a dramatic spike during April for this target. It actually took the top-spot away from financial institutions with close to 70 percent of all viewed phishing attempts. This coincides for a large phishing campaign that occurred between February and May of this year.
As for the top geographic locations where these temporary malware sites originate from, the United States took the top spot. Microsoft estimates that 2.9 out of every 1,000 Internet hosts were set up for the purpose of phishing in the U.S. China claimed the second spot with .6 sites per 1,000 hosts.
Stay tuned for more highlights and analysis from Microsoft's latest SIR.