The Anti-Phishing Working group is reporting a new record - 154 banks, financial companies and electronic retailers had their brands hijacked through phishing in July 2006. They also report to have found over 23,000 phishing websites used to commit identity theft, fraud and other malicious activity in that one month alone.

The report analyzes the rapidly growing trend of phishing as a common way to steal banking and financial information from uninformed victims. Most phishing messages are sent by e-mail, a transport protocol known as SMTP that has changed little since 1982. The phishing e-mails are sent using spam distribution methods and employ social engineering to convince a user to visit a fake website and divulge private information. A number of phishing websites are in fact legitimate servers that were compromised through software vulnerabilities, exploited by hackers and covertly turned into illegal phishing sites - making the hackers more difficult to track.