Bangalore, March 29 2013: The latest ( February) Symantec Intelligence Report on phishing sites in India reveals Information Technology sites to be the most vulnerable amongst the targeted websites by the Phishers last year. The global phishing rate increased by 0.018 percentage points, taking the global average rate to one in 466.3 emails (0.214 percent) since January 2013. In the month of January, the number of phishing URLs associated to Indian brands accounted for 0.15% of the global phishing statistics.
While education was at the top of the most targeted websites in 2011, it fell to second place in 2012. The states in India where phishing sites spoofing education websites was most prevalent were Rajasthan, Andhra Pradesh, Delhi, Maharashtra, and Punjab. This implies a new wave of phishing attacks among various organizations as the cyber criminals become highly sophisticated and targeted. Phishers continue to pursue Indian sites across many disciplines to host their phishing pages. The most targeted Indian sites were classified in various categories - Information Technology (14.40%), Education (11.90%), Product Sales and Services (9.80%), industrial and manufacturing (7.30%), and Tourism, Travels and Transport (5.80%). The figures for secure websites such as Government, Telecommunication, and ISP were low and at the bottom of the list. This offers evidence that phishers opt to target more vulnerable websites.
Symantec Blog: Indian Websites Pursued by Phishers
See for a few days a Symantec video on how to prevent phishing, in our video spot on the home page
Footnote: We empathise with this finding by Symantec. We ourselves , a pure IT site, suffered our worst and so far only attack in 2012 a few days after a high profile execution in India.
Symantec advises Internet users to follow best practices to avoid phishing attacks:
· Do not click on suspicious links in email messages
· Do not provide any personal information when answering an email
· Do not enter personal information in a pop-up page or screen
· Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
· Update your security software (such as Norton Internet Security 2012) frequently, which protects you from online phishing