Symantec Global internet Security threat report
Figure 13. Phished sectors by volume of phishing URLs Source: Symantec
in 2009, the iSp sector ranked second for spoofed brands, accounting for 9 percent of the total. the iSp sector also ranked second for volume of phishing lures in 2009, accounting for 12 percent of the total—a slight increase from the 10 percent recorded in 2008. Although there was little change in the number of unique brands phished in this sector, the volume of lures targeting these brands increased by 50 percent.
the increase in the volume of lures targeting this sector was likely due the financially advantageous nature of these accounts. Once phishers gain access to Webmail accounts they could sell them in the underground economy. While credentials stolen during iSp-targeted attacks do not offer much direct financial gain for the phishers, they do offer a wealth of user information that can be used in other phishing, spear phishing, or social engineering attacks.181 At the very least, phishers can harvest the user’s address list for further spamming opportunities. it has also been observed by Symantec that phishers sometimes use the free Web-hosting space often included with these iSp accounts to set up fraudulent websites, from which they launch new attacks.
the third most phished sector for 2009 was the retail services sector. this accounted for 6 percent of organizations whose brands were spoofed by phishing attacks in 2009, an increase of 2 percentage points from the 4 percent recorded in 2008; this also accounted for a 36 percent increase in the number of unique phished brands in the retail sector. the retail sector is an attractive target for phishers for numerous reasons.
in spear phishing attempts, the email appears to be from organizations or individuals the potential victims would normally get emails from; for more information see: http://www.symantec.com/norton/products/library/article.jsp?aid=spear_phishing_scam_not_sport