Fraudulent e-mails designed to dupe Internet users out of their credit card details or bank information topped the three billion mark last month, according to one of the largest spam e-mail filtering companies.
The authentic-looking e-mails, masquerading as messages from banks or online retailers, have become a popular new tool for tech-savvy fraudsters in a new scam known as "phishing".
Over the past nine months, the monthly volume of phishing e-mails has risen nearly ten-fold to 3.1 billion worldwide in April, San Francisco-based e-mail filtering firm Brightmail said.
Brightmail said its spam filters sift through 96 billion e-mails each month.
Police suspect organized crime gangs from Eastern Europe are the main culprits in the multi-billion dollar racket.
On Wednesday, British police arrested a dozen Eastern European men and women accused of funnelling hundreds of thousands of pounds in defrauded funds from UK bank accounts to a Russian crime gang, in one of the biggest busts yet into the phishing gangs.
Police recently estimated phishing scams cost British banks an estimated 60 million pounds ($110 million) last year. In the U.S., the economic toll from phishing cost U.S. banks and credit card companies $1.2 billion in 2003, Gartner Research said on Thursday.
The Gartner study projected 1.78 million Americans reported giving personal information or financial details about themselves to the fraudsters.
A globe-spanning scam
Police say the scam is concentrated on English-speaking countries such as the UK, U.S. and Australia, but is expected to target new territories as more people transact and bank online.
In most cases, the scammers send elaborate looking e-mails masquerading as official notices from banks or retailers saying an individual's account needs to be updated or that a new product is on sale.
A link is provided in the e-mail to an official-looking Web site where a customer is instructed to input account details and credit card numbers.
As the sophistication level grows, police and technology experts suspect the scammers will increasingly turn to all businesses that send communications to customers via e-mail, thus putting Internet service providers, airlines and retailers in the line of fire.
"Any company that does business online is a potential victim," said Mark Bruno, enterprise product manager at Brightmail.
Brightmail added that a recent sinister twist to the phishing scam has emerged in which the e-mails contain trojan programs capable of installing themselves on an unwitting computer user's machine to steal information by logging key strokes.
The phenomenon is weighing on consumer confidence in e-commerce, anti-fraud firm Cyota said.
According to a recent Cyota survey of online bank account-holders, 74 percent said they were less likely to shop online due to the threat of phishing attacks.