I guess its not that surprising, but a new report indicates that .47 percent of banking customers fall victim to a phishing site every year. This clearly demonstrates that phishers have a large market to address and are obviously seeing a return on their investments. That means we can expect to see even more phishing attempts going forward. Financial institutions already are facing an average of 16 attacks a week. One wonders how many more they can cost effectively deal with?
Naturally, the targets of these phishing attacks are becoming educated about phishing so that will mean phishing attacks will become more sophisticated. Case in point: some phishers have taken to social media such as Facebook and Twitter (“friending” the wrong person in Facebook can provide enough information for identity theft).
One defense against phishing is EV SSL certificates. It’s a step in the right direction that applies stringent verification standards on those that want to use one. When deployed, EV SSL certificates display the verified company name in the “chrome” of the browser, along with other trust indicators such as turning the address bar green. It’s up to the browser manufacturers to decide how to display that trust. Some turn the entire address bar green while others only shade address text green. I wonder if consumer pressure will bring them to be more aggressive displaying verified company information. Time will tell.