The report on phishing trends, compiled by the Anti-Phishing Working Group (APWG), also details a continuing growth in active phishing sites and suggests that criminal techniques to launch phishing attacks are becoming more advanced.
"Overall, the survey and recent field reports tell us that phishers are using advanced crimeware to commandeer larger arrays of internet technologies and at the same time using them to attack smaller institutions than have been targeted," said David Jevans, chairman of the APWG.
The number of reported brands targeted by bogus websites has risen from 56 in December to 64 by the end of January. The APWG suggested that larger firms, such as Amazon, PayPal and Citibank are being more proactive in their efforts to combat phishing, and that phishers are now targeting the smaller institutions they feel will be softer targets.
But financial institutions remain the primary focus for phishers. This month eight of the nine new companies targeted were from the financial sector.
"Since the end of last year, however, it has been apparent that the phishers have been focusing on the financial sector and, within that, their attentions have been directed toward smaller institutions. Even a state credit union was attacked, in the last month," said Peter Cassidy, APWG secretary general.
Earlier this month SC reported Microsoft, eBay, PayPal, and Visa have teamed up with Whole Security to launch an anti-phishing service that allows companies to report and block bogus web sites.