• United States



by Dave Gradijan

Numbers: Widespread ‘Rock Phish’ Techniques Contribute to Online Fraud

Jan 23, 20082 mins
Build AutomationCSO and CISO

Phishing and pharming attacks continue to be a major source of crime against worldwide financial institutions, according to latest RSA report

By Katherine Walsh

A new report from RSA’s Anti-Fraud Command Center found increased phishing activity with characteristics similar to that of the so-called Rock Phish, the person or group of people potentially responsible for half of all phishing attacks worldwide. However, the same countries are still hosting the attacks, according to the study, which is based on phishing, pharming and Trojan attacks tracked by the Command Center during the month of December.

Highlights of the study include:

* Activity from the Rock Phish group or similar groups increased. An increase in phishing attacks is due to increased activity of the Rock Phish group and may also be the result of copycat groups that have adopted similar methodologies, such as the use of proxy servers and the initiation of multiple attacks from a single domain. Although the magnitude of these copycat attacks is smaller than Rock’s, it is evidence that other groups are starting to use these techniques.

* The distribution of global attacks remains constant. Since June 2007, U.S banking brands have remained dominant, representing 62 percent of phished entities. December was the eleventh consecutive month in which banks in the United Kingdom occupied the second spot, at 11 percent.

* Online fraud activity increased. A total of 186 attacks on financial institutions were recorded during December, including attacks against 20 financial intuitions that had never been attacked before.

* Hosting countries for attacks remain fairly constant. Although the percentage of attacks hosted in the United States dropped to 44 percent in December from 60 percent in November, it remains the top hosting country. Hong Kong and China fell into the second and third spots, at 16 percent and 12 percent respectively. The Philippines, a newcomer to the list, became the fourth largest attack host this month, with 8 percent of hosted attacks originating from that country.

Staff Writer Katherine Walsh can be reached at