"Many of the browser upgrades are still incomplete and immature in terms of protections afforded," Litan adds. "For at least two more years, phishing attacks will continue to increase since it is still a lucrative business for the perpetrators."

The fear of phishing attacks is having a dramatic impact on non-solicited e-mails, as more adults delete e-mails if they do not know the person sending them. "Among respondents who say their trust in e-mail has been adversely affected by the recent spate of security-related incidents, 85 percent delete e-mails they do not trust without opening them first."

"The anti-phishing measures some enterprises have put in place to protect their brand and their consumers are not working," Litan says "Phishers are moving from site to site to launch their attacks more quickly than ever. The average life of phishing sites has gone from one week a couple years ago to about one hour in 2006. Within a year or so, phishing sites may be user-specific -- that is a single site will be set up to launch a phishing attack against a single user. It is no wonder that the detection services cannot keep up with these rapid criminal movements."