Membership
about     advisory board     events     sponsors & affiliates     programs     news     reports & resources     contact

PROTECTION FROM BRAND INFECTION

Marketing's Fight Against Fakes, Fraud and Infringements
A Secure the Trust of Your Brand Authority Leadership Program

 

Back to main program page »

 Secure the Trust of Your Brand

PHISHING FACTS & STATS

  • A 2006 poll of 2,120 American adults conducted by the Wall Street Journal and Harris Interactive confirmed online businesses' worst fears: 30 percent of those polled said they limit online transactions, and 24 percent limit online banking transactions.
  • According to MarkMonitor, online counterfeit sales are estimated to total at least 14 percent of the total counterfeit market, which in 2006 was $600 billion. US brand owners alone lose up to $250 billion in revenue each year due to counterfeiting.
  • According to MarkMonitor AntiPhishing Security Operations, Online fraud scams continue to grow by 15% per quarter, targeting financial institutions of all sizes as well as e-commerce venues.
  • Gartner estimates that cumulative financial losses stemming from phishing attacks rose to more than $2.8 billion in 2006-the impact on consumer confidence in conducting financial transactions online is more worrisome.
  • It can take the phisher anywhere from 1 to 90 days to use the information that the phishing site stole. According to Gartner, the average loss for a phishing victim in 2006 was $1,244.
  • According to the the phishing portion of the first quarterly Brandjacking Index published by MarkMonitor, the phishing threat continues to increase with a 104% jump in annual attacks in Q1-07. Phishers actively avoid browser-based consumer protection technology evidenced by the more than 300,000 unique URLs used in phishing attacks.
  • Phishers cast a wider net; in March '07, 229 companies were targeted. Of that number, 158 companies were phished for the first time.
  • Phishers target more Financial Services companies. Financial Services companies made up 41% of all attacks in Q1-07. This represents a jump from 29% in Q1-06. Evidence suggests phishers prey on customer confusion during mergers and security system upgrades.
  • Although in the United States .com and net are by far the most sought after extensions, in other parts of the world, particularly Europe and Asia, ccTLDs reign supreme. Of the 120 million Domain Names currently registered, more than 43.7 million are ccTLDs. This represents close to 36% of all Domain Name registrations. Moreover, ccTLDs continue to grow at an alarming rate. Growth rates for ccTLDs have risen 28% in the last year alone.
  • Online phishing can be traced back as far as 1996 and has escalated swiftly: the number of unique phishing web sites detected by the Anti-Phishing Working Group rose to 55,643 in April 2007, a massive jump from March's 20,8712. Similarly, PhishTank (a collaborative clearinghouse for data and information about phishing) received 53,263 submissions of suspected phishing sites in May 2007, of which 43,789 were verified. A more accurate measurement of phishers' activities is the number of corporate brands attacked. According to the MarkMonitor Brandjacking IndexT, a quarterly report that measures the effect of online threats to brands, the number of brands phished each month reached an all-time high of 229 in March 2007.
  • MarkMonitor has seen as many as 5,000 unique URLs targeting a single organization within a one-month period.6 This high number indicates that approximately 50 percent of all active phishing URLs during a given period can be attributed to the Rock Phish Gang, a notorious group of phishers suspected to be working out of Eastern Europe.
  • According to Gieschen Consultency's 2006 Counterfeit and Piracy Intellegence Report, global online sales of counterfeit goods account for 14 percent of total counterfeit trade, a figure that translates into nearly $100 billion in 2006.
  • According to the Anti-Phishing Working Group (APWG), in November the identities of 178 financial institutions and government agencies, a new record, were co-opted by phishers in an effort to dupe victims into revealing information. This represents a 2.23% increase from the previous high in April and a 48% increase from October.
  • At the same time, the number of phishing campaigns overall fell for the second consecutive month, dropping to 28,074 in November from 31,650 in October. The APWG attributes this decline in part to "eCrime gangs' increasing focus on targeted phishing attacks against key corporate personnel to secure credentials for theft against corporate assets."
  • In 2005, MessageLabs detected two attacks per week involving targeted Trojans out of 1.5 billion messages. In 2006, it found one such attack per day out of 180 million messages. In May 2007, it saw 10 targeted attacks per day out of 250 million messages. In November, it was seeing 924 targeted attacks every five hours.
  • In November, China overtook the United States as the top phishing site host. The APWG said that 24.21% of phishing sites detected were hosted in China, compared to 23.85% in the United States.
  • According to EDN, The grey market channels are relatively small with the 10th largest supplier generating approx $30 million in revenues. In comparison, the 10th largest franchised seller generates more like $300 million in revenues.
  • The U.S. Department of Homeland Security seized an estimated $200 million in counterfeit merchandise during the 2007 fiscal year - an increase of 27 percent from the year before.
  • Immigration and Customs Enforcement (ICE) investigations during fiscal year 2007 resulted in 13,600 seizures, 241 arrests, 149 indictments and 134 convictions for intellectual property rights violations, according to an ICE press release.
  • According to the ICE, the top commodity seized continues to be footwear, including $77.7 million seized in FY 2007, or about 40 percent of the entire value of goods seized. Other fake goods include pharmaceuticals, electrical items, food and hygiene products.
  • A recent investigation of counterfeit goods conducted by Consumer Reports magazine found that today's fakes are not just the usual knockoffs like bogus handbags or watches. Some unsafe counterfeits in circulation include phony oil filters, fake diabetic strips that give erratic readings and even brake pads made of kitty litter, sawdust and dried grass.
  • Fake goods are estimated to cost legitimate businesses up to $250 billion in yearly sales.
  • Counterfeiters and digital pirates cost Los Angeles County about 106,000 jobs with wages of $5.6 billion in 2006, said Jack Kyser, chief economist for the Los Angeles County Economic Development Corp.
  • Illicit sales of digital and counterfeit goods at popular black markets like Santee Alley in downtown Los Angeles siphoned at least $483 million in potential sales tax revenue from local governments and the state at large lost $407 million.
  • In a recent survey by the Quality Brands Protection Committee, an industry association made up of 181 multinational companies, 28% said problems relating to the theft of intellectual property have eased; a slightly larger amount said things were getting worse. The rest say there is no change-which is, given the starting point, not encouraging.
  • Motorola says border guards in Shenzhen and Guangzhou have stopped people 75 times in recent months for carrying counterfeit products; police have conducted 14 raids on factories, and other government departments have carried out a further 65.
  • Gartner analysts surveyed more than 4,000 online adults to draw their conclusions, finding that the number of those who received phishing attack e-mails rose 118 percent in last three years. The average consumer in this population reported receiving about 80 phishing e-mails in the 12 months ending in August 2007, Gartner said.
  • The percentage of those who received phishing e-mails and lost money as a result rose by a percentage point, from 2.3 percent in 2006 to 3.3 percent in 2007.
  • Gartner's findings are corroborated by a report also released this week from the Anti-Phishing Working Group (APWG), a non-profit organization that tracks phishing activity on the Internet. APWG reported that its latest figures show monthly number of phishing e-mails reported year over year in 2007 spiked by 73 percent. In September 2006 the group received 22,136 reports of phishing e-mails. That number bumped up to 38,514 unique attack e-mails in September 2007.
  • Phishing scams proliferated in 2007, to put it mildly. During the first half of the year, Microsoft's Malicious Software Removal Tool detected 31.6 million phishing scams--an increase of more than 150 percent over the previous six months--according to the company's biyearly Security Intelligence Report, released in October.
  • Phishing attacks in the United States soared in 2007 as $3.2 billion was lost to these attacks, according to a survey by Gartner, Inc.
  • The Gartner survey found that 3.6 million adults lost money in phishing attacks in the 12 months ending in August 2007, as compared with the 2.3 million who did so the year before.
  • 11 percent of online adults say they don't use any security software (such as antivirus or anti-spyware products) on their desktop, and another 45 percent only use what they can get for free."
  • The average dollar loss per incident declined to $886 from $1,244 lost on average in 2006 (with a median loss of $200 in 2007), but because there were more victims, $3.2 billion was lost to phishing in 2007, according to surveyed consumers. There was a bit of relative good news, however; the amounts that consumers were able to recover also increased. Some 1.6 million adults recovered about 64 percent of their losses in 2007, up from the 54 percent that 1.5 million adults recovered in 2006.
  • The University of California at Berkeley conducted a Freedom of Information Act request, asking the Federal Deposit Insurance Corporation for all bank-reported data on fraud attacks between January 27, 2005 and May 30, 2007. Gartner and UC Berkeley analyzed these data and found spotty, unreliable and unstructured data reported by U.S. banks to the regulator. Just 451 unique incidents were reported in this period.
  • Phishing and malware attacks will continue to increase through 2009 because it's still a lucrative business for the perpetrators, and advertising networks will be used to deliver up to 30 percent of malware that lands on consumer desktops.
  • Confidence in UK brands is dramatically affected by phishing attacks, with 42% of people losing trust in a brand if they receive a phishing email claiming to be from that company, according to a YouGov survey, conducted online with a total of 1,960 adults in October 2007.
  • The YouCov survey, commissioned by Cloudmark, found that 41% of those surveyed felt that their trust in a bank would be greatly reduced if they received a phishing email pretending to come from it.
  • However, the research also found that the majority of respondents (66%) felt that the responsibility for protection against phishing attacks lies with themselves, their service provider and the service provider that sent the phishing emails; 26% felt it was their duty to protect themselves, while 23% felt it was the responsibility of their ISP or email service provider. Slightly fewer respondents, 17%, felt that it was the duty of the sender's ISP and email service provider to stop the emails from being sent in the first place.
Marketing Magnified Newsletter Legal Notice | Privacy Policy | Sitemap | Contact
© 2010 CMO Council. 4151 Middlefield Rd. Palo Alto, CA 94303