Aussies prone to phishing from 'friends'

Stephen Withers
Monday, 15 August 2011 11:15

Business IT - Security

An email appearing to come from a friend is a good way to get through Australians' defences, a security company claims.

Security provider RSA reckons Australians are the most likely to be taken in by phishing attacks that are disguised as messages from friends.

Other common tactics are inducing fear or anxiety (eg, by claiming something is wrong with the victim's bank account), offering rewards (eg, the fake tax refund scams), and appealing to widespread interest in news items such as 'celebrity' deaths (eg Michael Jackson or Osama Bin Laden).

"Cybercriminals rely on peripheral routes in order to persuade a victim into providing the response they seek. Social engineering tactics use the superficial cues to exploit trust, pique human interest, and evoke emotions that hinder the victim's ability to think logically and elicit an immediate response," said Mason Hooper, RSA's APJ business manager, identity, protection and verification.

"This often enables them to bypass even the most iron-clad security measures and gain access to systems to steal identities, funds, information, and corporate and government secrets," he added.

RSA's latest online fraud report says that despite a 3% decrease in unique phishing attacks in June, the figure of 22,516 was 61% up on June 2010. And it's nothing to be proud about, but Australia is punching above its weight as the source of 4% of phishing attacks. This puts us just behind the UK (4.5%), with the US still way out in front on 68%.

Eight out of 10 attacks target the US and the UK, with Australia scraping into the top 10 target nations with 1% of attacks.

RSA officials suggest education and awareness programs at the corporate and consumer level are important to help people identify phishing attacks.