Trends & Data

Two-in-five Internet Users Encounter “Phishing” Attacks In Last Twelve Months

Two in five (40%) of the UK’s 29 million internet users encountered a “phishing” attack in...

Two in five (40%) of the UK’s 29 million internet users encountered a “phishing” attack in the past twelve months, new research by the government and industry online safety campaign, Get Safe Online ( has found.

This means that 11.6 million people have received at least one phishing email in the last year. Independent research has shown that there are now 904 unique phishing attacks launched daily around the world.**

Phishing, where criminals send thousands of emails at a time attempting to dupe internet users into divulging their personal or financial details using emails and web pages from apparently legitimate companies, is fast-becoming one of the biggest forms of internet fraud.

However, internet users could do more to protect themselves from these attacks by taking a few simple steps, and Get Safe Online found.

  • A quarter (25%) of internet users do not have anti-spam filters on their PCs, which would stop most phishing messages from reaching their in-boxes
  • More than one-in-five (28%) said that they respond to phishing emails – either by clicking links in spam messages (10%) or by replying asking to be removed from a list (18%), which tells criminals that their address is active
  • Almost a quarter (24%) have visited websites which tried to install software files unprompted – likely an attempt to plant “spyware” on a user’s machine which then tracks their behaviours and keystrokes
  • Even more worrying, a substantial number of internet users (13% – or 3.8 million people) have opened files downloaded from the internet where they were not sure of the contents

Tony Neate, managing director of Get Safe Online said:

“Phishing is one of the most sophisticated and common forms of online fraud today – and the criminals are becoming more and more adept at using it.

“However it can be beaten, through better education for computer users, the use of security software such as anti-virus, anti-spyware and spam filters. And the continued co-operation between businesses, ISPs, and law enforcement to close down Phishing sites.”

The advice from Get Safe Online to beat phishing includes:

  • Can the spam: ensure that you have spam filters on your email to stop phishing emails reaching your inbox
  • Filter the phishermen: Internet Explorer 7.0 and Firefox 2.0, the most popular internet browsers, both have phishing filters, which alert users if they are on a known, reported spoof website
  • Use the tools: companies like eBay have a variety of tools on offer to help beat phishing: eBay offers a toolbar with “Account Guard” that shows green only when users are on a legitimate eBay or PayPal site.
  • If in doubt, delete: if you are at all unsure about whether an email is legitimate, delete the message. Never click the links in an email, always go to the website and type the address in manually

Garreth Griffith, head of Trust and Safety at adds: "As the internet grows in popularity and more people come online, the pond in which fraudsters can phish expands. As the industry steps up its efforts to deal with the problem head-on, so the fraudsters improve the sophistication of their attacks.

“Industry needs to minimise the risks in the first instance, but should also, very importantly, educate internet users in the nature of online threats and the few simple steps they can take to protect themselves. Internet users also share the responsibility for their own safety online.”

Notes to Editors:

* All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 2,441 adults. Fieldwork was undertaken between 2nd - 5th March 2007. The survey was carried out online. The figures have been weighted and are representative of all UK adults (aged 18+). ** Source: Symantec Corp Internet Security Threat Report, 19 March 2007, see: