Sectors
Companies
About
Subscribe

SA tops global phishing targets

Nicola Mawson
By Nicola Mawson, Contributing journalist
Johannesburg, 10 Apr 2014
The public sector is the most targeted for phishing scams, says Symantec.
The public sector is the most targeted for phishing scams, says Symantec.

SA attracts more phishing e-mails than any other of the 10 geographies surveyed in Symantec's Internet Security Threat Report 2014.

According to the survey, which was based on different sources within the Symantec ecosystem, one in every 419.8 e-mails was identified as coming from a fraudster last year. The report notes SA's rate of attraction is higher than several other countries, including the UK - at one in 454.1 - as well as Italy, Australia, Canada and New Zealand.

The recently-published document notes the phishing rate decreased significantly year-on-year for all of the top 10 geographies in 2013. "The highest average rate for phishing activity in 2013 was for organisations in SA," it says.

In 2012, the Netherlands scored the highest rates, with one in 123.1 e-mails being identified as phishing attacks. The European country's rate has since dropped to one in 1 115.9, making it seventh on Symantec's list.

Some 71% of phishing attacks were related to spoofed financial companies, compared with 67% in 2012, it notes.

See also
Phishing scam targets cellphone users

In the mid-to-late 2000s, most phishing attempts were carried out through e-mail for financial gain, but evolved over time to expand in scope to include e-mails purporting to be from organisations outside of financial services, says Symantec.

Fakers

Symantec notes the phishing rate for 2013 increased, from one in 414.3 e-mails per day, to one in 392.4. The busiest month of the year was February, when the rate rose to one in 193 e-mails, it says.

"Many of these phishing attempts consist of fake login pages for popular social networks. In addition to spoofing login pages of legitimate sites, phishers began introducing baits relevant to current events to add flavour to the phishing pages.

"Celebrity promotions, popular community pages, social networking applications, and other related material were introduced into phishing sites as bait."

Symantec captures its through several sources, including the Symantec Probe Network - which has more than five million decoy accounts - its cloud offering and its technologies. Over 8.4 billion e-mail messages are processed each month and more than 1.7 billion Web requests filtered each day across 14 centres, it says.

ITWeb Security Summit 2014

The tailored tracks at the ITWeb Security Summit 2014 cover a wide range of topics, empowering information security professionals to select sessions of particular relevance to their roles within the enterprise. ITWeb Security Summit 2014 takes place from 27 to 29 May at the Sandton Convention Centre. Book your spot now.

The security software company also gathers phishing information through an "extensive" anti-fraud community of enterprises, security vendors, and more than 50 million consumers.

Symantec adds the rate of phishing declined across all of the top 10 industry sectors in 2013, although entities in the government and public sector were subjected to the highest level of phishing activity last year, with one in 216.4 e-mails identified and blocked as phishing attacks.

However, this is an improvement on 2012, when the sector - again the most targeted - saw a phishing rate of one in 95.4, says Symantec.

Overall, SA's 2013 Internet security threat profile improved slightly from a world rank of 45 in 2012 to 46 in 2013, says Symantec.

Share