Phishing E-Mails Doubled in Just Two Years; 109 million Targeted in U.S.
According to the Gartner survey, approximately 109 million U.S. adults have received Phishing e-mail attacks in 2006, up from 57 million in 2004. The average loss per victim has grown to $1,244 per victim in 2006 from $257 in 2004. The average amount of money consumers recovered from Phishing attacks in 2005 was 80%, but in 2006, recovery amounts dropped to 54%.
According to the Gartner survey of 5,000 online adults in August 2006, an estimated 24.4 million Americans have clicked on a phishing e-mail in 2006, up from approximately 11.9 million in 2005, while 3.5 million have given sensitive information to the phishers, up from 1.9 million adults last year.
High-income adults earning more than $100,000 per year are more heavily attacked. This group reported receiving an average of 112 phishing e-mails in the past year versus 74 e-mails per consumers across all income brackets. The high-income adults lost on average $4,362, almost four times as much as other victims.
Phishing e-mails that reach consumers are impersonating banks less often, and other brands, such as PayPal and eBay, more often.
The fear of phishing attacks is having a dramatic impact as among respondents who say their trust in e-mail has been adversely affected by the recent spate of security-related incidents, 85% delete e-mails they don’t trust without opening them first.
The average life of phishing sites has gone from one week a couple years ago to about one hour in 2006. Within a year or so, phishing sites may be user specific — that is a single site will be set up to launch a phishing attack against a single user.