ARLINGTON, Va. (2/12/08)--Credit unions and other financial institutions continue to be top targets for phishing attacks, accounting for nine out of 10 new brands targeted during fourth quarter last year, says a new report. In 2007, more than 900 new brands were first-time targets of phishing attacks. That's more than a 100% increase in new targets compared with new targets in 2005 and 2006, said Cyveillance, a cyber intelligence company, in its latest "Online Financial Fraud and Identity Theft Report." Broad-based phishing attacks aimed at new companies and industries reached its high point of 431 during first quarter 2007 then decreased significantly the rest of the year. About 106 new brands were targets in the fourth quarter. The data indicates the attacks were more focused throughout 2007, repeatedly targeting prominent brands in key industries, said the Arlington, Va.-based Cyveillance. During the year, phishing attacks became more sophisticated and evolved to incorporate legitimate brand names and URLs. Attacks leveraging compromised websites grew to 51% in fourth quarter from 38% in third quarter. The use of compromised websites complicates the attack shut-down process for the targeted organization because it requires specific URLs be removed without disrupting the site's legitimate operations. Also, the use of targeted brands within the URL of phishing sites increased to more than 50% of all attacks. Phishers often include the brand in the URL to help legitimize their spoofed pages. In addition to changes in phishing scams, the report also identified a 30% increase in malware attacks targeting users outside the U.S. Attacks against U.S. citizens decreased to 45% in the fourth quarter from 75% in first quarter. France and Japan saw significant increases in malware attacks. To download the report, use the resource link.