Messaging Pipeline | Phishing Costs Nearly $1 Billion
Free Newsletter GlossaryContact UsAbout Us
One To One Collaboration Servers & Security Business

June 24, 2005

Phishing Costs Nearly $1 Billion

Phishing scams cost Americans nearly $1 billion during the last year, a research firm says in a recently-released survey.

Courtesy of

Phishing scams cost Americans nearly $1 billion during the last year, a research firm said in a recently-released survey.

According to a poll of 5,000 U.S. Internet users that Gartner conducted in May, phishing attacks are not only up -- despite what some industry analysts have said -- but they're continuing to grow by leaps and bounds.

"A lot of people -- analysts mostly -- thought that phishing was just a bunch of noise in the system, and that after 2004, it would slow down," said Avivah Litan, a research director with Gartner. "That hasn't happened."

Instead, during the 12 months that ended in May 2005, 73 million American adults who use the Internet said that they "definitely" received or "thought they received" an average of more than 50 phishing e-mails. That number, said Litan, was 28 percent higher than the previous year, when 57 Americans reported that they'd been the target of phishing scams.

More telling, Litan went on, was what she's been hearing from Internet service providers, who are reporting a four-fold increase in the volume of phishing e-mails in just the last six months. (And that excludes what Litan estimated as the 30 percent of attacks which go unreported.)

"What surprised me was what the ISPs are saying," Litan said. "I knew it was bad, but I didn't know it was this bad."

Obviously, present anti-phishing methods aren't working. "If they were, these attacks wouldn't be getting through."

Only America Online is actually identifying and blocking phishing mail from reaching its members' mailboxes, Litan said. But even if others follow suit, that won't eliminate the problem. "That would help stop theft at what I call the server level," said Litan. "But if that happens, phishers will just step up their efforts to fly under the radar."

Most analysts, Litan included, have noted for months that phishers are getting sneakier, with tactics that include planting keyloggers which watch for specific URL log-in usernames and passwords (to hijack access to online bank accounts, for example).

Litan's numbers also reveal massive losses by consumers and their banks. By extrapolating the survey results, she estimated that 1.2 million U.S. adults lost money because of a phishing attack in the past 12 months. The total dollar impact: $929 million.

Nor is consumer awareness or education about phishing affecting the bottom line. Although a smaller percentage of phishing e-mail recipients actually clicked on a link embedded in the message -- 15 percent this year compared to 19 percent the year before -- the rate at which people fell for the scam hook, line, and sinker dropped just a half percentage point, from 3 to 2.5 percent.

What people want to combat phishing, but what they're unlikely to soon get, said Litan, is two-way authentication on the Web, where a Web site authenticates itself to the consumer as being legitimate. (Currently, Internet authentication schemes only validate the consumer to the site.)

"We really need two-way authentication, but that's really dependent on the browser, and no one seems interested in following through," said Litan.

She's not optimistic about the future. "Nothing's been done in the last year about phishing. It's actually gotten worse. A whole year after it first got attention and everyone said we had to get to work on the problem, here we are."

E-mail This Story
Print This Story





Get the latest Messaging news, product info, and trends every week.


Related Content

  Right-click and choose Copy to extract RSS Feed URL  Messaging Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Messaging Pipeline's Blog RSS Feed




Editorial and vendor perspectives






Editor's Picks
The Six Flavors Of Windows Vista
Microsoft plans to release a full six-pack of Vista versions, one for every taste. Which Vista will be right for you?

Hope is Not Enough When It Comes To Compliance

Three Ways To Authenticate E-Mail And Stop Spam

Wikis In The Workplace

Review: Google Desktop 3

Vendors are now talking about how collaboration can be improved by integrating video with messaging applications. They're even talking about adding live TV to mobile phones. How far do you go before it becomes a bandwidth and business productivity drain?
Video is a great idea
    13%
Video is fine but there needs to be size limits
    25%
It's never used for anything really productive
    38%
I draw the line at live TV
    25%


In search of messaging products? Check out our brand new Product Finder for a directory of groupware and collaboration tools, security products, archiving solutions, and more.



MESSAGING PIPELINE MARKETPLACE (sponsored links)

Digital Warehouse buys, sells, & rents used Cisco networking hardware such as routers & switches, as well as Juniper, Extreme & Foundry at 50-80% off list price. One year warrantee and fast delivery.


Roaring Penguin's CanIt-PRO anti-spam solution offers customizable spam and virus control for enterprises, campuses and ISPs. Designed for the mail server, CanIt-PRO lets you stop spam on YOUR terms. Click for free price quote for your organization.


Use your Intranet to manage Software Licenses, plan for Windows XP/2000 upgrades, do Security Audits and more. Click to try and ask for our white paper - PC Management for the Internet Age.


Analysts at the Tolly Group put a leading Branch Office IT services solution to the test, measuring performance, security and data reliability. Download the results, detailed in this free report, now.


Whether you need temporary or permanent access to remote PCs, LogMeIn has your solution: LogMeIn IT Reach for automatic maintenance of remote and mobile systems, and LogMeIn Rescue for instant, web-based remote access without pre-installing software.






Sponsored Links:      
 |   |   |   |   |   | 
 |   |   |   | 
 |   |   |   |   | 
Messaging Pipeline  |   |   |   | 
 |   |   |   |   | 
© 2006 | MESSAGING PIPELINE All rights reserved. | |