New research released by IBM shows a massive ten-fold rise in targeted and co-ordinated 'spear phishing' attacks in the first half of the year, designed to extract critical data and personal information from prominent public and private sector organisations, including financial service firms.
IBM says its new security report shows a resurgence of targeted phishing attacks for money laundering and identity fraud purposes. Unlike in previous years, when viruses were mainly created to slow down and cripple IT systems, the new 'customised' attacks are used to defraud businesses, extort money and damage company brands.
According to IBM's latest Global Business Security Index, 35.7 million e-mails contained some form of phishing attack in the first six months of the year, and targeted phishing attacks increased more than ten fold in the first six months of the year, rising from one of every 56 e-mails in January, to more than 600,000 in June.
These 'for profit' attacks have mainly been directed at government agencies, financial services firms, healthcare companies and large multinational corporations.
Overall there were more than 237 million security attacks in the first half of the year, with government agencies, manufacturing companies and financial services institutions the worst hit.
Although there was a rise in the number of phsihing e-mails, the ratio of spam to legitimate e-mail continuously decreased over the course of the last six months, from 83% in January to 67% in June 2005.
But the number of virus-laden e-mails increased from one in every 51 e-mails in December 2004 to one in every 35 in January 2005 and one in every 28 by June 2005.