NEW YORK (3/9/10)--Cybercrooks or eCrime syndicates are expanding the base of the brands they exploit for online fraud far beyond major financial institutions and online merchants, said the Anti-Phishing Working Group (APWP) in its fourth quarter Phishing Activity Trends Report. Now they're targeting the big phish hoping to hook key individuals in corporations and institutions. The number of hijacked brands reached a record 356 in October, up nearly 4.4% from the previous record of 341 in August 2009, said APWG. "No brand is safe from the threat of spoofing for the purposes of online fraud," said APWG Secretary General Peter Cassidy. "Once, only the largest banks were targeted. Now, every kind of enterprise from banks and credit unions of all sizes to charities, to, in a recent case, a hardware manufacturer, are now seeing their brands exploited in all manner of fraud scheme," he added (Sys-Con.com March 8) . The number of unique phish reports declined nearly 29% from 40,261 in August. However, the decline masks a trend that is of "grave concern" to APWG members: a substantial increase in phishing focused on high-value targets--such as personnel with treasury authority. The increase in spear-phishing and whale phishing, which target individuals inside of corporations or those who are of "high net worth," means phisher and malware attackers are trying to gain access to corporate online banking systems, corporate virtual private networks or VPNs, and other online resources, according to APWG. While some research indicates the volume of phishing e-mails is decreasing, it is important to note that these attacks are targeting more varied industries with the intent on generating greater financial success, says Cyveillance, a cyber intelligence company. While banks and credit unions continue to be the top targets of phishers, governments and the technology and energy industries are now seeing growing number of attacks, said the company. During the second half of 2009, Cyveillance found that first time phishing targets grew to 399 brands, nearly double the number during the first half of 2009 (Investment Weekly News March 13). More than 36,000 confirmed, unique attacks were noted per month in the same period, said Cyveillance. That means phishing attacks continued to reel in their victims--despite advances made in consumer education and added protections implemented by security departments within the targeted organizations.