Email security company, CipherTrust, recently showed a study
indicating that phishing (short for password harvesting fishing) attacks for the most part are coming from broadband customers whose PCs have been compromised.
About 0.35 percent of the more than 4 million e-mail messages CipherTrust examined were phishing solicitations. Scammers using phishing tactics typically send out e-mail targeting users of financial institutions or other e-commerce sites. The bogus e-mail message often tells recipients there's a problem with their accounts, and that they need to re-enter their bank account or credit card number at a Web site designed to look like the legitimate e-commerce site.
During the survey it was noted that an important share of the phishing attempts used e-mail faked to look like it came from CitiBank. On a smaller percent, other companies being faked included Smith Barney, SunTrust and PayPal.