The number of phishing scam e-mails has soared in 2004, rising more than tenfold in less than 12 months, according to a report from security services firm MessageLabs which warns that the rise may lead to fraudsters conducting targeted attacks on specific individuals and companies.
MessageLabs intercepted 279 phishing e-mails in September 2003 but the figure had risen significantly to more than two million by September 2004.
In 2004 the number of phishing attacks has soared from 337,050 in January to 4.5 million in November. Overall the company intercepted more than 18 million phishing e-mails during the course of the year.
MessageLabs says phishing-related online identity theft has established itself as the principal threat of 2004 and may signal the beginning of a wave of e-mail attacks targeted at specfic individuals and small groups of companies.
In November UK online payments processor Protx was hammered by a distributed denial of service (DDOS) attack conducted by a gang of cyber criminals running an extortion racket. US electronic payments processing firm Authorize.net was hit by a similar attack in September after receiving an extortion letter from hackers. Internet gaming site Blue Square was also targeted by extortionists who demanded almost £5000 to stop thousands of spam e-mails being sent out in its name.
Mark Sunner, chief technology officer of MessageLabs, says: "Already, particular businesses are being threatened and blackmailed, which could indicate a shift from random, scattergun approaches to customised attacks."
Other stats from MeesageLabs show that 73% of all e-mail is spam, compared to 40% in 2003, while one in 16 messages contain a virus compared to one in 33 last year. The most widespread outbreak of 2004 was W32/MyDoom.A, which hit in January this year.