Here’s some more on the phishers targeting smaller institutions:
The Anti-Phishing Working Group has warned that smaller banks scams are surfacing with increasing frequency. The group’s monthly report warned that “hackers are modifying their attack methods by shifting away from attacking popular or large institutions.” Credit unions are increasingly baring the brunt of this new innovation. The total number of credit unions being targeted has risen from just 3 in February to 21 in May. No doubt phishers are targeting smaller banks and financial institutions because larger organizations have been strengthening their anti-phishing defenses recently.
I’d still like to know whether the targeting is just in terms of fake sites or scripts, or whether the email addresses are being targeted with more precision?