Security software vendor Symantec's MessageLabs Intelligence report for October found an alarming increase in so-called spear-phishing attacks in the retail industry as scam artists incessantly targeted small groups of employees and executives at a pair of top-tier retailers.

The report, which also found that one in 488 emails sent in October was a phishing attack aimed at stealing either passwords, login credentials or other personal information, said that these coordinated phishing campaigns have surged from one or two cases a week just five years ago to more than 70 a day this month.

Spear-phishing attacks, the email campaigns that target phishing attacks at "big fish"--senior level executives, people with valuable contacts or account info, etc.--surged to 516 separate incidents in the retail sector this month, up from just seven attacks for the rest of the year.


These attacks, which Symantec (NASDAQ: SYMC) refers to as "advanced persistent threats," have exploded in recent years as sophisticated malware groups often cull social networking sites and other industry- or company-specific sites to find tidbits of information-- names, projects, group titles, etc. -- that they then use to make their unsolicited emails look more legitimate and official. Often, they use the actual corporate email addresses of managers or colleagues to disguise the ruse and increase their infection rate.

Last month, the manufacturing and public sectors were the most popular targets for these campaigns. This time around, hackers were apparently obsessed by two specific retail companies, which Symantec would not identify, that were targeted a disproportionate number of times. One retailer was hit with a total of 325 attacks that targeted 88 different employees.

In one instance, the unsolicited email appeared to contain an attachment purporting to be a confidential salary list. Others were designed to look like official correspondence from executives in the company's human resources department.

"We want you to remember that a person referred by an employee will always have more chance of being hired," one of the bogus missives advised.

Similar attacks have had varying degrees of success in the past year. In January, employees at three U.S. oil companies were conned into divulging sensitive intellectual property after a spear-phishing scam targeted their executive suite.

"The danger of targeted attacks is the stealth deployment of malicious code that quietly performs some covert operation on the recipient's computer," Symantec researchers said in the report. "Sometimes this code is attached directly to an email message as an .EXE, but increasingly they are frequently hidden with very legitimate looking documents such as .PDF, .DOC, .XLS and .PPT and even hyperlinks."

On the bright side, Symantec found that total spam volume fell to 87.5 percent of all email, down 4.2 percent from September.

Also, one in 221.9 emails in October contained some form of malware, that's down a microscopic 0.01 percent from September.

Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Keep up to date with phishing news--follow eSecurityPlanet on Twitter @eSecurityP.