All
All

Technical Trends in Phishing Attacks

181 KB | 3 files | null DOC,null PDF

This research identifies several of the technical capabilities that are used to conduct phishing scams, reviews the trends in these capabilities over the past two years, and discusses currently deployed countermeasures.

The convenience of online commerce has been embraced by consumers and criminals alike. Phishing, the act of stealing personal information via the Internet for the purpose of committing financial fraud, has become a significant criminal activity on the Internet.

There has been good progress in identifying the threat, educating businesses and customers, and identifying countermeasures. However, there has also been an increase in attack diversity and technical sophistication by the people conducting phishing and online financial fraud. Phishing has a negative impact on the economy through financial losses experienced by businesses and consumers, along with the adverse effect of decreasing consumer confidence in online commerce.

Phishing scams have flourished in recent years due to favorable economic and technological conditions. The technical resources needed to execute phishing attacks can be readily acquired through public and private sources. Some technical resources have been streamlined and automated, allowing use by non-technical criminals. This makes phishing both economically and technically viable for a larger population of less sophisticated criminals.

This research by U.S. CERT identifies several of the technical capabilities that are used to conduct phishing scams, reviews the trends in these capabilities over the past two years, and discusses currently deployed countermeasures.

The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Technical Trends in Phishing Attacks.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

US-CERT is charged with providing response support and defense against cyber attacks for the Federal Civil Executive Branch (.gov) and information sharing and collaboration with state and local government, industry and international partners. US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber security information to the public.

All IT Downloads from US-CERT» | Visit US-CERT »
Related IT Downloads

Mobile45 Vetting the Security of Mobile Applications

The purpose of this document is to help organizations understand the process for vetting the security of mobile applications, plan for the implementation of an app vetting process, develop app security requirements, and understand the types of app vulnerabilities and the testing methods used to detect those vulnerabilities. ...  More >>

mobile30 Guidelines on Mobile Device Forensics

This guide provides an in-depth look into mobile devices and explains technologies involved and their relationship to forensic procedures. ...  More >>

HealthCare01 Wi-Fi Enabled Healthcare

This excerpt from chapter 6 looks at the use of Wi-Fi-enabled mobile medical devices in health care settings. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.