Phishing Attempts Successfully Gather Sensitive Info Half of the Time

Article by George Norman (Cybersecurity Editor)

on 09 Dec 2009

A phishing attempt, for those of you that may not know this, is a malicious attempt to steal sensitive info such as usernames, passwords, credit card details from unsuspecting computer users. Most times the user will receive an email that seems to come from a legitimate source – like the user’s bank, or social network. In the email he is asked to click a link and access his social networking or online banking account. That link takes the user to a phishing site – when the user types in his login credentials he’ll hand the phisher his username and password.

Moving on, do you know how successful phishing attempts are? Trusteer sought to answer this question so it gathered data from over three million computer users. This data was gathered over a period of 3 month. Then Trusteer normalized the data it collected for a single bank, over one year, across one million customers. It put all the findings in a study entitled Measuring the Effectiveness of In-the-Wild Phishing Attacks (see here – PDF warning).

Here is the summary of the study:

- Each phishing attack compromises a very small number of customers (0.000564%), but due the large number of phishing attacks, the aggregated number is significant.
- 45% of bank customers who are redirected to a phishing site divulge their personal credentials.
- 0.47% of a bank’s customers fall victim to Phishing attacks each year, which translates to between $2.4M-$9.4M in annual fraud losses (per one million online banking clients).


45% of computer users cannot spot a phishing site and divulge their personal information. I thought that everyone knew by now that you are not supposed to click a link received in a spam message – especially if that message claims to be from your bank and asks you to access your online banking account.

Then again, Sophos recently uncovered that Facebook users were willing to divulge their personal info to a rubber duck (see here).


Latest News


Sony's 'Attack of the Blockbusters Sale' Slashes Prices in Half for a Ton of PS4 Games

17 Aug 2017

How Samsung's New T5 Compares to the Old T3 Portable SSD (Infographic)

17 Aug 2017

See all