Security pioneer RSA, The Security Division of EMC, is celebrating today as it announces the 500,000th online attack shut down on behalf its customers. In its seventh year of offering online anti-fraud services, the company estimates that its RSA FraudAction service has prevented US$7.5 billion in potential losses due to fraud, mainly through its anti-phishing and anti-Trojan services.
The RSA FraudAction service is a managed service that is engineered to help protect customers, primarily in the banking and online retail industries, against phishing, pharming and Trojan attacks.
“Phishing has reached pandemic levels globally, impacting business and consumers alike, with billions of dollars being lost to cyber criminals – yet electronic commerce and online banking continues to thrive in nearly every corner of the world,” said Peter Cassidy, Secretary General of the Anti-Phishing Working Group.
According to the APWG’s count, at least 112,472 unique phishing attacks, across 200 top-level domains occurred in the first half of 2011. The number was a big jump over the 42,624 attacks they counted in the first half of 2010, but less than the record 126,697 observed in the second half of 2009, the height of the phishing onslaught being propelled by the Avalanche botnet.
Recent estimates from RSA’s FraudAction Research Lab pegged worldwide losses incurred from phishing attacks between the second half of 2010 through the first half of 2011 at nearly $1 billion, with more than a third of those losses coming from organizations located in the U.S. and U.K.
“Every hour a phishing attack remains active can be costly for the targeted organization such as a bank or online retailer,” said Avivah Litan, Vice President and Distinguished Analyst at Gartner. “Web fraud detection and takedown services have proven to significantly help reduce the lifespan of these attacks which helps minimize the potential of financial loss for targeted organizations and to reduce the distribution and potency of the malware that is typically used in these attacks to infect end users and harvest information such as log-in credentials and other sensitive data.”
RSA’s Anti-Fraud Command Center operates from two facilities located in Herzeliya, Israel and Cork, Ireland.
Disclosure: Idan Aharoni, Head of Cyber Intelligence for the FraudAction Intelligence team at RSA, is a regular SecurityWeek contributor.
