Phishing is defined by APWG as a criminal mechanism employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. With the development of the Internet economy and technologies, online fraud has started to increase. Online attacks are aimed not only at developing countries but also at developed countries. Moreover, online fraud is increasingly sophisticated and effective. In short, hackers are improving themselves by using technology for their own purposes.
The APWG (Anti-Phishing Working Group), which was established in 2003 to fight against online fraud, publishes reports on such attacks under the Phishing Attack Trends Report at https://www.antipishing.org. According to the 3rd quarter report of the study group, the top ten countries and the least infected countries are shown below table. China, Taiwan and Turkey are the most infected countries by phishing. 47.2% of machines in China, and 43.2% in Taiwan were infected. In Turkey, this ratio is as high as 39%. The least affected countries are Sweden, Finland and Norway.
The best way to fight against online attacks is through global cooperation. As the technology progresses, it is also difficult to determine where and how the attack takes place. As the quality of the attack increases, the solution becomes more difficult. Therefore, it is possible to face a second attack without understanding first attack. The fact that the attacks are related to the private information and bank information of the persons / companies requires an immediate solution of the problem. The more time it takes to find the solution, the more the costs to individuals / companies increase. Especially, e-commerce institutions lose their reputation. It is necessary to be proactive. In other words, the quality and effect of the attack should be predicted and took an action before the attack. The phishing problem is high cost but also the solution is high cost, too. For this reason, countries need to come together and strengthen cooperation on this issue. Most importantly, awareness should be raised about digital security risk management practices.
Table. Percentage of Machines Infected by Phishing Attacks Q3 2016
| Global Ranking | Country (Most Infected) | % | Global Ranking | Country (Least Infected) | % |
| 1 | Republic of China | 47.2 | 36 | Belgium | 24.1 |
| 2 | Taiwan | 43.4 | 37 | UK | 23.4 |
| 3 | Turkey | 39.0 | 38 | Germany | 23.2 |
| 4 | Russia | 37.9 | 39 | Switzerland | 22.3 |
| 5 | Ecuador | 37.2 | 40 | Netherlands | 21.8 |
| 6 | Guatemala | 36.5 | 41 | Denmark | 21.4 |
| 7 | Peru | 36.0 | 42 | Japan | 20.8 |
| 8 | Mexico | 35.8 | 43 | Sweden | 20.3 |
| 9 | Brazil | 33.9 | 44 | Finland | 19.8 |
| 10 | Venezuela | 32.3 | 45 | Norway | 19.7 |
Source: Anti-Phishing Working Group (2016).