Indians lost over 1000 cr to fraud emails

India lost an estimated $225 million (Rs 1,350 crore) due to phishing attacks last year, RSA, the security division of EMC today announced in its 2013 Fraud Report.

India emerged as the top Nation in APAC region in terms of phishing attack by volume closely followed by Australia and China.

Globally, loss due to phishing attack rose to $5.9 billion from $1.5 billion in 2012, though the total number of phishing attacks rose only marginally to 448,126 against 445,004 in the previous year. 

USA and Canada remained the most targeted countries by phishing attacks in 2013 with a total of 63% of the phishing attacks directed at them. Phishing attacks increased in every Quarter in 2013, with Q4 seeing the most number of attacks.

Phishing, the cybercrime equivalent of pickpocketing, refers to obtaining secret information such as bank account passwords, by creating fake websites and through forged emails claiming to be from banks etc..

Today, getting 500,000 email addresses only costs just $65, the report said.

“Phishing volumes will not drop considerably, though we may see a slight decline. The decline will be mainly due to growing adoption of email authentication, namely DMARC, which together with tighter policy should help in the reduction of phishing emails received by end users,” it said.

However, wider global adoption (into LATAM and APJ) still plays a major factor in the battle against phishing, it added.

Big data analytics and broader intelligence collection will lead to faster detection and quicker mitigation, resulting in lower financial losses, the report said.

“With the millions of spam messages traversing the internet on a daily basis, separating the wheat from the chaff has become far more challenging.  Advancements in phishing techniques and methods also serve to add a layer of complexity when it comes to detection. Deploying analytics into the detection process provides a way to see though the noise and get to the phish faster. Coupled with broader intelligence collection, attacks may be prevented before they are launched.”