The volume of phishing attacks dropped in 2010 to less than a quarter of what was seen in the previous two years, according to IBM's annual research report on threats and risks. There was still plenty of spam, however.
IBM researchers aren't sure why phishing has waned, though the apprehension of a major Romanian phishing gang last May likely helped, says Tom Cross, a researcher at IBM. Cross says it may be that phishing isn't paying enough and that attackers are shifting their attention to something "more lucrative, such as ATM skimming."
Financial institutions and their customers remained the target of phishing attacks over half the time, according to the report. Other specific attack targets included auctions, online payments and government organizations.
The most popular subject line in a phishing attack, seen about nine per cent of the time, is "Security Alert -- Verification of Your Current Details." One of the weirdest, seen in three per cent of attacks: "Welcome to Very Best Baking!" -- the typo makes the email look like an advertisement for a bakery.
The top countries or origin for phishing URLs are Romania at 18.8 per cent, the United States at 14.6 per cent, China at 11.3 per cent, South Korea at 9.8 per cent and the United Kingdom at 7.2 per cent.
In tracing the origin of phishing emails, IBM research shows India is tops at 15.5 per cent, Russia at 10.4 per cent, Brazil at 7.6 per cent, U.S. at 7.5 per cent and Ukraine at 6.3 per cent. IBM notes that the same four phishing-originating countries still dominate, only their relative positions have shifted slightly in the annual ranking, with Ukraine being a "newcomer" to the "top 10" phishing list for 2010.
Read more about wide area network in Network World's Wide Area Network section.