UK Consumers Lose Faith in ‘Phished’ Brands

Use Netsparker

It seems Phishing is have effects in ways that weren’t originally obvious, it comes back to the same topic we generally discuss here when it comes to security and consumers.


Someone consumers see a Phishing attempt from ‘Brand X‘ as a negative against that brand…even though it has absolutely nothing to do with the brand and there’s nothing they can do to control it.

Email phishing attacks tarnish the reputations of targeted firms, according to a new UK survey. Two in five UK adults (42 per cent) quizzed feel that their trust in a brand would be “greatly reduced” if they received a phishing email purporting to represent it.

Despite this, the majority of respondents to YouGov’s online survey reckon the responsibility for protection against phishing attacks lies with ISPs and individuals themselves, rather than the brands targeted by fraudulent emails.

One in four (26 per cent) of 1,960 adults surveyed reckon the main responsibility for protecting against phishing attacks lies with themselves, with a similar percentage (23 per cent) responding that their ISP ought to bear the brunt of filtering spam emails. A further (17 per cent) think the sender’s ISP and email service provider holds the greatest responsibility in combating scam emails.

Pretty sad news for any big brands, and how did people work out it’s the ISP’s responsibility? If you are careful with your e-mail address and responsible about using it (or at least maintain segregated and throw-away accounts) you shouldn’t have any problems anyway.

Plus believing Phishing e-mails? Sometimes I lose faith in the human race.

The YouGov phishing survey was sponsored by anti-spam firm Cloudmark, which reports that .uk domains are the single most common target of phishing attack across Europe.

Security experts at ISPs said it was unfair for consumers to hold the targets of attacks responsible for the crud hitting their inboxes.

“Whilst awareness to the problem is essential, it is unrealistic to expect businesses to be able to secure themselves fully against such sophisticated criminal activities. The increasingly dynamic and transient nature of the latest threats requires a combination of desktop protection at the client level, and accurate message filtering from ISPs,” said Nigel Stevens, product director at THUS.

Oh well I guess we just have to keep educating, talking, discussing and teaching. There’s nothing much else we can do to combat misconceptions and public opinion.

Source: The Register

Posted in: Phishing, Spammers & Scammers

, , ,

Latest Posts:

Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds. - Test SSL Security Including Ciphers, Protocols & Detect Flaws – Test SSL Security Including Ciphers, Protocols & Detect Flaws is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

4 Responses to UK Consumers Lose Faith in ‘Phished’ Brands

  1. Nobody_Holme November 27, 2007 at 12:55 pm #

    “Sometimes I lose faith in the human race”

    I lost that a long time ago… But throwaways arent a perfect solution. I’m careful and use them, and only give my real email to people i trust, but I’m still on two of the spam lists…

    I do have to mention, some companies are no help, if theres a rash of phishing going round using their name, they should at least contact their customers.
    I got hit with a very very convincing one from paypal… which i dont use… so i emailed their customer support suggesting that they mention about it… and got told to fuck off, although it took them about 100 words.
    I’m not saying that the whole problem is their fault, but they should at least do their bit, after all, if their customers get all their money taken, they’ve got nobody to buy their stuff.

  2. Pantagruel November 27, 2007 at 3:03 pm #

    “Oh well I guess we just have to keep educating, talking, discussing and teaching. There

  3. dirty November 27, 2007 at 5:18 pm #

    I think this goes to show how truly uneducated most people on the internet are. I agree that the companies should be doing there part to negate these phising sites but it really comes down to the end users clicking and typing.

    When I was reading this it made me do one of those wide eyed head shaking double takes at the screen. I agree with you Pantagruel, there is no patch for human stupidity.


  4. Goodpeople November 30, 2007 at 11:53 am #

    Well, I sort of understand why people react this way. When a company’s name is being abused in a fishing attack and the new spreads, people will start to associate that company’s name with “danger”.

    The prase “Something fishy going down”. comes to mind. Sorry for the lame attempt of humor.

    I don’t think it’s stupid. You can’t really blame people. But sooner or later they’ll realise that every company will become a taget sometime and that they just can’t keep avoiding it.