Google has teamed up with the University of California in San Diego to publish surprising new research about phishing, how effective it is and how scammers work their phishing operations.
The study found, amongst a few startling revelations, that an effective phishing website (specifically one that looks legitimate and realistically like the expected website) will have a 45% success rate at harvesting data. This drops to 14% for an average looking imitation, and all the way down to 3% for a more obviously fake version.
The Huffington Post reports that the study was done by looking at 100 phishing emails from a random sample self-reported by Gmail users, and 100 more filtered via Google’s Safe Browsing system. All of these websites used Google Forms, which is “how researchers were able to access the data.”
Just as interesting was how cybercriminals would interact with the data once it had been compromised. They moved fast, with
Engadget noting that 20% of leaked account data was used within half an hour of the information being stolen.
