In November alone, the Anti-Phishing Working Group (APWG) received 16,882 unique reports of phishing attacks that attempted to fool consumers with 93 different hijacked brands, according to a report the group released this week.
November's phishing attacks marked an all-time high, climbing from the 15,820 the group received notice of in October, and doubling the number of attacks recorded in November 2004, according to the report. There were 4,630 new phishing sites detected by the group in November, up slightly from the 4,367 discovered in October but down from the August high of 5,259.
The majority of these attacks continue to pretend to come from financial institutions, although phishers also spoofed retailers, ISPs, and the Internal Revenue Service in November, the report says.
The average phishing site stayed online for 5.5 days in November, the report says, and the majority of them were located in the U.S.
The group defines phishing as online identity theft that uses both social engineering and technical deception to steal personal or financial information.