"Reminder: please update your details": Phishing Trends

Abstract: Spam messes up users inbox, consumes resources and spread attacks like DDoS, MiM, Phishing etc., Phishing is a byproduct of email and causes financial loss to users and loss of reputation to financial institutions. In this paper we study the characteristics of phishing and technology used by phishers. In order to counter anti phishing technology, phishers change their mode of operation; therefore continuous evaluation of phishing helps us to combat phishers effectively. We have collected seven hundred thousand spam from a corporate server for a period of 13 months from February 2008 to February 2009. From the collected date, we identified different kinds of phishing scams and mode of their operation. Our observation shows that phishers are dynamic and depend more on social engineering techniques rather than software vulnerabilities. We believe that this study would be useful to develop more efficient anti phishing methodologies.