A consumer survey found widespread frustration with spoofed e-mails and mounting costs for consumers as a result of phishing schemes.
The survey of 1,335 Internet users, conducted by Tucson, AZ, research group Ponemon Institute, found that 70 percent had visited a spoofed Web site, and 15 percent of them subsequently fell for a phishing scam. More than one-third of respondents said they received a spoofed e-mail at least once a week.
Spoofed e-mail takes advantage of a flaw in the Internet architecture that lets senders alter the appearance of the “from” address and header information in e-mail. It is used to evade spam filters and to entice consumers to divulge financial information in phishing schemes by impersonating banks and other trusted companies.
Ponemon Institute's survey, sponsored by online privacy group TRUSTe, found that 2 percent of respondents lost money through phishing attacks. It estimates the total cost of the problem at $500 million.
The survey was presented yesterday in Washington, DC, at a meeting of the Anti-Phishing Working Group, a coalition of companies working to draw attention to the problem. The group, which counts Microsoft, Verisign and Symantec among its 407 member companies, tracks phishing attacks, which it reports are rising at a 50 percent-per-month rate.
Ponemon also found that consumers trust e-mail less because of the attacks, as 64 percent said it was “unacceptable” for organizations to do nothing about the problem.
Amazon on Monday struck back at phishers impersonating the company. It filed three lawsuits, alleging the sending of unsolicited e-mail that appeared to come from Amazon in order to defraud customers.
Also, EarthLink yesterday released a site application that blocks phisher Web sites. The tool, ScamBlocker, is an add-on to EarthLink's Internet browser toolbar.