Rather amazingly, just one crime syndicate stands accused of being responsible for some two thirds of all detected phishing attacks carried out during the last six months of 2009. The so-called Avalanche gang, according to a new report by the Anti-Phishing Working Group (APWG), used highly sophisticated malware to target 40 banks and online service providers as well as vulnerable domain name registrars.
So successful was the Eastern European based gang that not only did its activity account for 66 percent of all phishing attacks, globally, in the second half of 2009, but it caused a spike in reported phishing across the Internet. That's 84,000 of the 126,000 identified fake web sites known to have been used to steal personal information such as credit card and bank account details as well as spread malware.
The Avalanche name does not only apply to the gang behind the unprecedented attacks but also the infrastructure it is using to host those attacks. Rod Rasmussen, founder and CTO of Internet Identity and co-author of the Global Phishing Survey study, insists, however, that coordinated action against that infrastructure "has led to an ongoing, significant, reduction in attacks through April 2010". Although study co-author Greg Aaron, Director of Key Account Management and Domain Security at Afilias, does admit that "the losses by banks and individual Internet users were staggering".
The good news is that in April 2010, only 59 attacks were reported to have been caused by Avalanche.