UK cements reputation as phishing hotspot

The UK is now established as the second biggest target area for phishing attacks on banks, figures from security firm RSA show.

Share

The UK is now established as the second biggest target area for phishing attacks on banks, figures from security firm RSA show.

An analysis of reports to RSA’s Anti-Fraud Command Centre for October show that UK financial institutions make up a 16% share of those attacked worldwide, second only to the US, which has a 60% share. The UK has held second place for nine months running.

But the UK is not a major host of phishing attacks, with just 3% of attacks worldwide originating here. The US hosted 47% of attacks logged in October, with China second on 22%.

RSA also warned that phishers have now begun to use Internationalised Domain Names (IDNs), which can be used to produce an effective spoof of a genuine bank website.

IDNs are domain names or web addresses that use local language characters, such as Cyrillic. This means a fraudster can use characters in one language to construct a URL that looks exactly like another.

RSA warned: “For example, Unicode character U+0430, Cyrillic small letter a (“a” ), can look identical to Unicode character U+0061, Latin small letter a, (“a” ) which is the lowercase “a” used in English. Therefore, a spoofed phishing domain which is based on an IDN can look exactly like a genuine bank’s domain written in standard ASCII code.”

Find your next job with computerworld UK jobs