The most frequent target was once again Citibank with 370 attacks, down from 475 in April. Phishing scams targeting eBay (293) and its PayPal subsidiary (149) are still on the rise, while U.S. Bank emerged as a new favored target of fraud artists with 167 attacks.
The APWG reported that 95 percent of phishing scams use fake e-mail addresses purporting to be from the target institution, as opposed to the use of “social engineering” using official-sounding domains registered by scammers. Just 3 percent of May scams used such domains as the return address.
Phishing attacks seek to trick account holders into divulging sensitive account information through the use of e-mails which appear to come from trusted financial institutions and retailers.
Netcraft has developed a service to help banks and other financial organizations identify sites which may be trying to construct frauds, identity theft and phishing attacks by pretending to be the bank, or are implying that the site has a relationship with the bank when in fact there is none.