Every time you connect to the Internet, there is someone interested in stealing data about you, including your personal and banking information, and anything else they can sell or trade.
Looking back at 2013, there were an estimated 450,000 attacks that generated a record $5.9 billion in consumer loss, remaining a major threat to users, according to the RSA "2013 A Year in Review" report focused on phishing.
Cybercriminals have a vast underground in which they are able to share technologies and tools used to launch attacks. Free mass-mailing guides can be found on some of these forums, with in-depth guides available for low prices, it's even easier to launch attacks.
The top five countries targeted by phishing attacks, according to RSA: United States, United Kingdom, Germany, India, and South Africa - North America garnered 26 percent of all phishing attacks worldwide.
Looking ahead to the rest of 2014, expect to see phishing attacks remain close to the same level as 2013, though e-mail authentication and other security enhancements hopefully means we will see less spam slip into the inbox.
Users shouldn't just depend on e-mail spam and security filters, and end-user awareness will remain an ongoing battle - another blog on this topic will be published within the next few days.
I recently received a fun e-mail from a spammer trying to phish, and was kind enough to respond to create a short dialogue. The full e-mails from the phisher are available here and here - and this is just a sample of a very basic attempt. Poorlyl written English, rather unbelievable backstory, and an offer for an insane amount of money should immediately send up red flags, though people still respond and provide personal information.
(Don't worry, I didn't hand over my mailing address, driver's license, or passport information to him - and, sadly, won't get millions for helping him out!)