Symantec.com > Enterprise > Security Response > Internet Security Threat Report > View the Report > Spam and Fraud Activity Trends

Spam and Fraud Activity Trends

Spam and Fraud Activity Trends | Analysis of Spam Activity Trends | Analysis of Spam Activity by Geography, Industry Sector and Company Size | Analysis of Spam Delivered by Botnets | Spam Botnet Analysis – A Strategic Viewpoint | Significant Spam Tactics | Spam by Language | Spam by Category | Future Spam Trends: BGP Hijacking | Phishing Activity Trends | Analysis of Phishing Activity by Geography, Industry Sector and Company Size

Analysis of Phishing Activity by Geography, Industry Sector and Company Size

Background

Phishing activity trends can also reveal patterns that may be associated with particular geographical locations, or hotspots, for example, the industry sector may also have an influence on an organization’s risk factor, where certain industries may be exposed to different levels of threat, by the nature of their business.
Moreover, the size of an organization can also play a part in determining their exposure to risk. Small to medium-sized businesses (SMBs) may find themselves the target of a spam attack because SMBs are perceived to be a softer target as they are less likely to have the same levels of defense-in-depth as a larger organization is more likely to have greater budgetary expenditure applied to their anti-spam and security countermeasures.

Methodology

Analysis of phishing activity based on geography, industry and size is determined from the patterns of spam activity for Symantec.cloud clients for threats during 2011.

Data

Figure C.24. Proportion of email traffic identified as phishing by industry sector, 2011. Source: Symantec.cloud
Figure C.25. Proportion of email traffic identified as phishing by organization size, 2011. Source: Symantec.cloud
Figure C.26. Proportion of email traffic identified as phishing by geographic location, 2011. Source: Symantec.cloud

Commentary

  • The phishing rate has decreased for seven of the top-10 geographies in 2011. The highest average rate for phishing activity in 2011 was for organizations in South Africa, with an overall average phishing rate of 1 in 96.3. In 2010, the highest rate was also for South Africa, with an overall average phishing rate of 1 in 99.0.
  • The phishing rate has increased across all top-ten industry sectors in 2011. Organizations in the Government and Public Sector were subjected to the highest level of phishing activity in 2011, with 1 in 49.4 emails identified and blocked as phishing attacks. In 2010 the sector with the highest average phishing rate was also the Government and Public Sector, with a phishing rate of 1 in 104.3.
  • The spam rate has increased for all sizes of organization in 2011. 1 in 250.5 emails sent to large enterprises with more than 2,500 employees in 2011 were identified and blocked as phishing attacks, compared with 1 in 400.0 in 2010.
  • 1 in 266.1 emails sent to small to medium-sized businesses with up to 250 employees in 2011 were identified and blocked as phishing attacks, compared with 1 in 379.7 in 2010.