Phishing schemes on rise

Discussion: Comments

Upstate businesses and individuals are reporting a sharp spike in phishing attacks over the phone and Internet, the Journal has found.

Tom Kriese, owner of St. Joseph Construction, said his business has seen an increase in attacks in recent weeks.

"It's really become a persistent problem," he said. "Phishing attacks are in my inbox every day."

News reports in recent weeks indicate most of the attacks are coming from overseas, some sponsored by the Chinese military, on major corporations in the U.S. The recent compromise of S.C. Department of Revenue tax data has partially compromised virtually every taxpayer in the state, millions of people. There have been reports of phishing attacks using phone numbers provided to DOR on tax forms.

"We've found that most of the phishing is coming from sites in other countries," said Tammy Dankovich, Upstate Better Business Bureau vice president. "The thing they all have in common is they are trying to get your personal information in order to gain access to bank accounts, take out credit cards in someone else's name, or scam your family and friends."

The security firm RSA recently reported an average of 33,000 phishing attacks per month, with an estimated worldwide loss of nearly $700 million from phishing scams alone.

Tampa, Fla., Internet security company KnowBe4 is warning small and medium-sized businesses of a new threat called APT (Advanced Persistent Threat), which, in 91 percent of the cases, starts with a spear-phishing attack.

Spear phishing is an attack that focuses on a single user of a department within a business or organization who is addressed from someone in a position of trust. The attacker requests information on logins and passwords, or asks that passwords and logins be updated. The scammer then uses the information he gets to compromise the entire secured organization.