Phishing, Brandjacking and Little Progress on User Awareness
A recent survey by MarkMonitor finds that phishing and kiting (quickly registering and dropping domain names similar to those of legitimate sites) are, not surprisingly, on the rise. The study tracked the world's top 25 brands along with others from eight industrial groups from early March to early April. The numbers make it clear how bad the problem is:
MarkMonitor found major brands suffered, on average, 286,000 examples of cybersquatting over the four-week long survey, far and away the most common abuse detected. Clickfraud—or siphoning off consumers via fake pay-per-click ads—was identified 50,743 times, while e-commerce fraud occurred 21,093 times and kiting 11,015. These figures represent the four-week average for each brand.
In spite of much talk in the trade press about phishing and the growing awareness of identity theft among the general public, users still don't know how to detect phishing scams. In "The Emperor's New Security Indicators," researchers tested how well bank customers used the anti-phishing features of browsers:
We asked 67 bank customers to conduct common online banking tasks. Each time they logged in, we presented increasingly alarming clues that their connection was insecure. First, we removed HTTPS indicators. Next, we removed the participant's site-authentication image---the customer-selected image that many websites now expect their users to verify before entering their passwords. Finally, we replaced the bank's login page with a warning page. After each clue, we measured whether participants entered their passwords or withheld them.
The results were terrible. Everyone missed the lack of HTTPS indicators, and 92% entered their passwords in the bogus sites.
Have any good tips for the average user? Post them in the comments section and share with others. The phishing problem is getting worse, and the lack of user awareness makes the consequences even worse.



