Phishing emails (which try and steal your personal information by pretending to be from a company or service provider) often run in waves. The rapid rise of social networking means that there's been a lot of emphasis recently on protecting your Facebook and Twitter accounts from phishing attempts. While that's still important, right now phishing mail is once again concentrating on data that's easy to profit from: bank account and eBay login details.
At Bitdefender's security conference in Bucharest which I attended this week, analyst Bogdan Botezatu noted that Bitdefender's own data showed a change in the pattern of phishing distribution. "A couple of years ago financial institutions were on top," he said. "Last year they fell down and social networking phishing gained ground. But this year it's finance again. It's much more profitable to get your eBay credentials than your social networking account."
One notable change though is that phishers are expanding their range of distribution mechanisms, using social networks and other options such as blog comments. Bitdefender's analysis suggests that phishing-centric and spammy blog comments generally originate from the same IP addresses as email spam, suggesting that the same operators are using both methods.
Angus Kidman travellled to Bucharest as a guest of Bitdefender.