Opinion

By Stephen J. Dubner July 7, 2006, 8:10 am

Phun Phacts About Phishing (and Spam)

By Stephen J. Dubner

According to CipherTrust, a company that makes its money protecting computers from viruses and spam, all the phishing attacks in the world are issued by a mere five “zombie” networks. Even more interesting is the fact that their targets are just as concentrated. Here, from CipherTrust’s page of spam statistics, are the top 5 targets and the percentage of phishing attacks they represent:

CitiBank ………………………..54.16%
Smith Barney ………………..13.48%
SunTrust ………………………10.02%
Paypal ……………………………..7.57%
Wells Fargo ……………………..5.42%

CipherTrust has also analyzed the effectiveness of various kinds of spam. It turns out that pornography is far and away the most effective spam, with a click-through rate of 5.6%. The next-best click-through rate? Pharmaceuticals, at 0.02%. (I couldn’t find these numbers on the CipherTrust website, but the N.Y. Times ran this short piece the other day.) Imagine the blockbuster just waiting to happen: when Citibank starts offering online pornography.

, , ,

4 Comments

  1. 1. July 7, 2006 5:00 pm Link

    After almost three years of CitiBank phishing attacks you would think Citi would respond in some way more contructive than customer education and providing free or low-cost software defenses. The fact the Citi is still high on th elist indicates that the phishers are successful in phishing their customers. Citi should look to its own business practices to curtail phishing. Strong authentication is *the* answer.

    Stiennon (IT Security Analyst)

    — stiennon
  2. 2. July 8, 2006 5:04 pm Link

    Stiennon, isn’t human behavior the largest and least changeable component of any security threat? Maybe Citibank is the largest target because it is the largest (or one of the largest) bank.

    The higher the hurdle that Citibank comes up with, ingenious people (phishers) will come up with ways of getting around it, and gullible customers will find ways of believing that they have to divulge private information.

    — xerxex
  3. 3. July 8, 2006 10:19 pm Link

    Not to be a complete corporate shill but based on my experience Bank of America has a simple, but multilayered authentication approach. Basically you type in one password, and then if they recogonize your computer, they respond with a code of words and a picture. Only after they prove their identity do you type in the final password. It’s simultaneously mindblowingly easy and not likely to be faked successfully.

    For Citibank to be so attractive phor phishing, they must be lacking this.

    — synapticmisfires
  4. 4. July 9, 2006 8:47 am Link

    I just wanted to point out that CitiBank and Smith Barney are both subsidiaries of CitiGroup. CitiGroup is the largest corporation in the world, with assets of 1.4-1.5 trillion dollars.

    CitiBank is not the largest bank in the U.S., but it is probably the most international bank. With clients spread across the globe, its understandable that they would have such a big phishing problem.

    I would’ve thought these banks could get in the habit of never sending emails with links in them. Whenever a new user signs up for online banking, they should try to make it stupidly clear that they will never, ever send you an email with a link in it, so you should never, ever click on a link in an email from them. In order to access thier web site, you should have to type citibank.com into the address bar. Also, and perhaps more importantly, this would make it that much easier for filters to catch phishing attacks.

    — edwardmking

Add your comments...

Required

Required, will not be published

FREAK Shots:

What Does 75 Cents Do?

This week's FREAK Shot.

Photo: Justin Smith

About Freakonomics

Stephen J. Dubner is an author and journalist who lives in New York City.

Bio | Contact

Steven D. Levitt is a professor of economics at the University of Chicago.

Bio | Contact

Their book Freakonomics has sold 3 million copies worldwide. This blog, begun in 2005, is meant to keep the conversation going. Recurring guest bloggers include Ian Ayres, Jessica Hagy, Daniel Hamermesh, Sudhir Venkatesh, and Justin Wolfers.

Annika Mengisen is the site editor.

Naked Self-Promotion

Freakonomics is bolstering book sales at airports because it’s sexy, reports TheBookseller.com -- with or without its Turkish cover.

Wikio - Top of the Blogs freakonomics
Freakonomics: A Rogue Economist Explores the Hidden Side of Everything

Buy from Amazon Learn more

Archive

Recent Posts

November 18
(0 comments)

Is France Due for Riots?

Photo: cicilief In my last post, I offered several reasons why the urban riot has gone out of style in the U.S.
However, France will not be spared the sword. I predict that the world will watch French cities light up in youth unrest in 2009, 2010 at the latest … 2011 for sure.
I have been [...]

November 18
(20 comments)

A Beet Paradox

Photo: Darwin Bell
Beets are the new broccoli. Or at least they will be after Obama takes office on January 20, as the president-elect recently revealed his distaste for this vitamin-laden root vegetable. And Obama is not alone: Even as beet salads have become popular in trendy eateries, most American kids I know also reject the [...]

November 18
(0 comments)

Time to Check the Santa Index?

The latest surprise victims of the recession: Small-town Santas.
The latest surprise beneficiaries: Internet psychics.
Incidentally, consumer confidence has fallen to its lowest level ever recorded.
Why ask for toys from Santa when you’re asking a psychic about your chances of getting a pink slip this quarter?
We’re used to watching the TED spread as an indicator of economic [...]

November 17
(2 comments)

The Weirdest Cookbook You Will Ever Need

Shopsin’s is a New York institution, a restaurant that began as a grocery store whose owner, Kenny Shopsin, is colorful, irascible, and talented. It is famous for breakfast but also for its vast, unusual, common-sense menu. From Shopsins.com Shopsin has just written a book that is half cookbook and half memoir, entirely fascinating. I had never sat [...]

November 17
(31 comments)

The Social Upheaval/Zombie Movie Index

Annalee Newitz, editor of the science-fiction blog i09, created a chart showing the number of zombie movies produced annually in the West (mostly the U.S. and Europe) since 1910:
Chart design by Stephanie Fox. The chart shows several spikes in zombie-movie production that, according to Newitz, “always seem to happen eerily close to historical events involving war [...]

Stuff We Weren't Paid to Endorse

1. Go to Hulu.com. 2. Choose Arrested Development. 3. Start with Season 1 and then watch every episode of all three seasons. 4. You can thank me later. (SJD)

I can scarcely tell a scarlet tanager from Scarlett O’Hara, but The Life of the Skies had me transfixed from the first page. Jonathan Rosen -- who happens to be a friend of mine -- writes with astounding insight, wit, and compassion. The story he tells here is the best kind of odyssey, an outward journey that ends up highlighting the beauty and daring that live inside of us. Here's a Times review of the book, and here's an earlier blog post about the book and the power of suggestion. (SJD)

Even if you don’t have a son fighting in Iraq, even if you don’t read poetry, even if you think you are immune to the power of a mother’s lament – pick up The Warrior and read it right away. Fran Richey has written some of the most powerful stories I’ve ever encountered. It is obvious that her life was changed by living these poems; yours may well be changed by reading them. (SJD)

From the Opinion Blogs

Necessary Steps
Inching Along the Edge of the World

In his last walk of the series, the author manages to avoid stepping out into thin air.

Abstract City
New York Cheat Sheets

All New Yorkers develop tricks that allow them to stay ahead of the pack in daily life. Here I offer some of mine in a couple of handy charts.

Feeds

  • Subscribe to the RSS Feed
  • Subscribe to the Atom Feed