
"The bulk of the criminal activity related to identify theft and online financial fraud on the internet is targeted at US consumers," Bransford said.
He said that more than 80 percent of the compromised credit cards on the internet were issued by US-based banks.
The report, which analysed data collected between April 1 and June 30, revealed that while the rate of traditional phishing attacks seems to be leveling, there is a 20 percent increase in the aggregate quantity of brands targeted.
Bransford said this indicates phishers continue to change targets, with large US financial institutions the prime victims.
More than 80 percent of the 284 brands targeted by phishing attacks for the first time in the second quarter of 2007 were US-based, Cyveillance said.
Overall, more than 1,400 companies have been phished since 2005, according to the report.
During the second quarter, the company identified more than two million URLs that were distributing malicious downloads to visitors without their knowledge.
Web-based malware distribution has evolved into what Cyveillance called a "fraud chain" of malware hosting, distribution and drop sites.
It said that 60 percent of the websites storing malware binaries are in China and the United States, with 63 percent of the sites used to attract and distribute malware based here.
The United States also hosts more than 50 percent of malware drop sites, which collect information from computers infected with keyloggers and screen scrapers that harvest end-user information.
It makes sense that criminals go after US consumers, Bransford said.
"Think how easy it is to establish a web presence in the US," he said. "They can register a domain name, create content, host a website and advertise it in a matter of minutes. That's one of the drivers behind why the drops sites are in this country."