Schemes to steal personal information from consumers via email continue to climb while banks remain caught in the crosshairs.
So-called phishing attacks rose 59% in 2012, to roughly 445,000, from a year earlier, according to a report published recently by RSA, a digital security firm.
Losses from the attacks, which use emails that purport to be from legitimate senders to lure consumers into supplying passwords, credit card numbers and other details of their financial lives, rose 22% from 2011, to $1.5 billion.
Though targets include retailers and airlines, writers of software that enables the assaults booked the most orders for emails that impersonate the login pages of financial firms, according to RSA.
The biggest banks absorbed most attacks in 2012 compared with their regional and credit union counterparts. In December, 79% of phishing attacks took aim at customers of U.S. banks that do business nationwide, while 15% targeted customers of regional banks and 6% aimed for customers of credit unions.
"Phishing attack numbers have been increasing annually, and although phishing is one of the oldest online scams, it seems that web users still fall for it, which is why it remains so popular with fraudsters," the report's authors wrote in "The Year in Phishing."
The U.S. absorbed 46% of phishing attacks worldwide in 2012, followed by the U.K., which endured 19% of attacks; India, which received 8%; Canada, with 5%; and South Africa, which bore 3% of the total. In Canada, which has an even currency exchange rate with the U.S., attacks jumped 400% in the first six months of the year.
More than half of phishing attacks launched from computers in the U.S., while Germany and the U.K. produced 5% apiece, and 4% came from Brazil.
RSA says it expects cyber thieves increasingly to target smartphones in the coming year as criminals aim to infect mobile devices with apps that conceal malicious software and steal information and money from users. Phishing via social networks is expected to increase as well after jumping 13.5% in one month in 2012 on Facebook alone.
According to RSA, "the forecasted outlook for 2013 calls for yet another record year riddled with hundreds of thousands of phishing attacks worldwide."