Study: 'The war on phishing is far from over'

Phishing attacks increased in number, decreased in damage

More consumers were victims of phishing attacks in 2008 -- a 39.8 percent increase from a year earlier -- but the average dollar amount lost decreased, according to a survey conducted by technology research company Gartner.

Phishing is a form of identify fraud where a criminal acquires secure information -- such as credit card numbers, usernames, or passwords -- by pretending to be a person or company that the holder of sensitive information trusts. Phishing usually occurs when a cybercriminal sends a user an e-mail with a link to a phony website that asks users to reveal identifying information.

The Gartner study -- which included data gathered between September 2007 and September 2008 -- indicated that more than 5 million American consumers lost money in 2008 to phishing attacks, but the average losses among consumers decreased 60 percent to $351 per incident. In addition, consumers recovered 56 percent of their losses, with most of the costs from fraud incidents absorbed by financial service providers.

Avivah Litan, vice president and analyst at Gartner, said several measures help combat phishing, including e-mail blocking, safe browser surfing features and checking website authentication to determine legitimate sites. But he warned that "the war against phishing is far from over."

The survey also recommended that enterprises that service accounts should provide their customers with site authentication tools and secure e-mail gateways to help them best guard against phishing attacks. According to Litan, no one solution guarantees safety, and that the best security practices call for layers of anti-phishing tools.

See related: Don't take the bait when you receive a phishing e-mail, Credit card phishing: What it means, how to prevent it

Join the discussion
We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, do not disclose confidential or personal information such as bank account numbers or social security numbers. Anything you post may be disclosed, published, transmitted or reused.

If you are commenting using a Facebook account, your profile information may be displayed with your comment depending on your privacy settings. By leaving the 'Post to Facebook' box selected, your comment will be published to your Facebook profile in addition to the space below.

The editorial content on is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.

Weekly newsletter
Get the latest news, advice, articles and tips delivered to your inbox. It's FREE.

Updated: 02-17-2019