Huge numbers of desktop PCs are passing on e-mails for conmen trying to steal confidential details, say experts.
Citibank is a phishing favourite
Analysis by mail security firm Ciphertrust reveals that the hijacked computers are unwitting accomplices for almost all so-called phishing attacks.
Its research shows that the hijacked PCs are organised into five separate networks of zombie computers that send out the fraudulent e-mails.
American PCs sent out the most messages and South Korea was in second place.
Ciphertrust carried out its analysis on messages that passed through its mail filtering hardware during the first two weeks of October.
Only 1% of the e-mails sent were so-called phishing attacks that pose as messages from financial organisations and try to con people into handing over account information, password and login details.
Citibank - 54.16%
Smith Barney - 13.48%
SunTrust - 10.02%
Paypal - 7.57%
Wells Fargo - 5.42%
HSBC - 5.07%
eBay - 4.15%
USBank - 0.11%
CitizensBank - 0.014%
Ciphertrust said that analysis of the net addresses used to relay these messages show that they are passing through a relatively small number of zombie networks.
The company said perhaps as few as five zombie networks were responsible for funnelling the fraudulent messages and each network can call on a pool of about 1,000 PCs.
Almost a third of these zombies, 32%, were sited in the US. A further 16% were in South Korea and the remaining 52% were in 98 other countries.
The US and South Korea were so popular with the phishing gangs because broadband is much more widely used in those countries.
"Phishing attacks represent a collaboration of the world's most skilled hackers and organised crime," said Paul Judge, chief technology officer at Ciphertrust.
"Instead of breaking into the bank to take money, phishers are tricking users into handing over their account information, or rather the electronic keys to the vault."
United States - 32.07%
Republic of Korea - 15.39%
France - 6.55%
China - 6.40%
United Kingdom - 4.06%
Germany - 3.85%
Spain - 3.81%
Japan - 3.05%
Italy - 2.48%
Many PCs in homes and businesses have been recruited into the zombie networks by falling victim to one of the many viruses currently in circulation.
Many viruses, such as Bagle, MyDoom and Sobig, have been written specifically to open up a backdoor into a PC so that it can be controlled remotely by malicious hackers, spammers or criminals.
Ciphertrust said 70% of the home machines sending out phishing e-mail messages are also relaying spam.
Criminals and spammers are keen to use these zombie networks because the tactic helps them hide their tracks.
By far the most popular target for the phishing gangs was US financial firm Citibank. More than 54% of the phishing messages were seeking out its customers. Smith Barney was in second place with more than 13% of messages.