« Windows feeling slow? Again? | Main | Andrew Olle Media Lecture 2006 »
November 12, 2006
Phishers target the wealthy?
According to Gartner, high income-earners are being specifically targeted by phishing scams. One of their surveys, reported by the BBC, says individuals earning more than $100,000 per year receive 50 per cent more phishing emails than the less well-off. And they lose four times as much money to the stunts - averaging around $4362.
Overall, the number of US adults who have received a phishing e-mail has doubled from 57 million in 2004 to 109 million in 2006, with total losses up too - at $2.8 billion.
We're partial to a good scare story, but we'd just like to know - if Gartner is correct - how the con men know which email addresses belong to high income earners? They're fiendishly clever, of course, but it strikes us as being highly improbable. Our observations would suggest the scammers take a completely scattergun approach, given the number of scam emails we receive that try to make us nervous about bank accounts that we don't have.
It seems more likely to us that either the wealthier respondents to the survey over-estimate the attacks, or the less well-off simpy don't recognise half the attempts to swindle them. Either way, it would make the survey total garbage, wouldn't it? Unless we've missed something.
If you can think of any way these email attacks could be tailored in this fashion, please let us know. Then we could start to really worry. In the meantime, our major concern is that reporting standards at the BBC seem to have declined dramatically. Even if the claims are true, wouldn't you think that a good journalist would have realised that if scammers had worked out a way to target high income earners, they were looking at a MUCH bigger story!
Posted by cw at November 12, 2006 07:27 AM
Trackback Pings
TrackBack URL for this entry:
http://bleedingedge.com.au/cgi-bin/mt/mt-tb.cgi/1127
Comments
Sounds dodgy to me. Although could you guess that a bigpond.net.au address belongs to a wealthier person (except me) than say dodo.com.au?
Posted by: Andrew at November 12, 2006 05:21 PM
Good question, Charles, and I don't think Gartner do a good job of explaining their assertion. In fact it doesn't seem that they have much of an idea themselves. This from a ZDNet piece (http://news.zdnet.com/2100-1009_22-6134224.html
Phishers chase the well-heeled):
"While we can't say phishers were targeting these people, we can say they did get more phishing e-mail than others," Gartner analyst Avivah Litan said. "It could be because of the lists they are on, which phishers find attractive. I've seen lists (on the Internet) where people are advertising platinum card holders' information."
Maybe it's just down to probability. I would guess that folk above the $100,000 threshold are more likely to use Internet banking, and more likely to move larger amounts of money around, and therefore are more likely to lose more money than those people who earn less.
But there's also a more intriguing possibility:
Phishers may be launching more focused attacks by matching their spam lists with information from stolen credit card lists (a business they're probably involved with anyway.) We've seen phishers target specific groups or individuals (spear phishing, in the argot) so perhaps this is just an outgrowth of that?
Posted by: Jeremy Wagstaff ![[TypeKey Profile Page]](http://bleedingedge.com.au/blog/nav-commenters.gif)
at November 13, 2006 09:54 AM
Some good points, Jeremy. I don't question the fact that on average, wealthier people lose more when their online accounts are attacked. Their daily credit limits are likely to be higher, for one thing.
And the growth of spear-fishing exploits indicate that the crooks are prepared to go to considerable trouble to target corporate sites, which offer much greater potential returns ... including perhaps customer details which could allow them to identify higher-income individuals. It's an interesting slant on Customer Relations Management.
I'd be very surprised, however, if more than a handful, if any of the 5000 US individuals Gartner surveyed had been identified in that way. That part of the survey is highly doubtful, in my opinion.
But you're quite right. There certainly is growing potential for the crooks to begin targeting specific individuals. If they did so, however, I suspect they'd try to hit them with trojans, rather than the hit-and-miss approach of phishing.
Posted by: cw at November 13, 2006 12:35 PM
One data point, one of our users mentions that the specific address he used for ameritrade seems to be getting extra spamming attention.
http://www.emailaddresses.com/forum/showthread.php?s=&threadid=46421
Also some potential more detail here:
http://www.extremetech.com/article2/0,1697,2060277,00.asp
---
Another sign of the complexity of the operation, Stewart found, was a database hacking component that signaled the ability of the spammers to target its pump-and-dump scams to victims most likely to be associated with stock trading.
Stewart said about 20 small investment and financial news sites have been breached for the express purpose of downloading user databases with e-mail addresses matched to names and other site registration data. On the bot herder's control server, Stewart found a MySQL database dump of e-mail addresses associated with an online shop.
---
Rob
Posted by: Rob Mueller at November 17, 2006 04:11 PM