Nearly 40 per cent of phishing attacks last month originated from the US or South Korea, according to a report by anti-phishing site PhishTank. 

The October report found that of the 3,678 phishing sites found during the month, 24 per cent were hosted in the US and 14 per cent in South Korea. India ranked third with eight per cent, and the UK accounted for four per cent.

PayPal and eBay were by far the most popular phishing targets. Fraudulent emails claiming to be from the two sites were used in roughly 67 per cent of all phishing attacks.

Barclays Bank was at the centre of a major phishing scam last September, but fell to the third position in October with 321 reported incidents, representing about eight per cent of reported attacks.

Korean telecoms firm Hanaro Telecom was found to be hosting the most phishing operations, with 469 phishing sites traced to its networks.

The PhishTank project is organised by software company OpenDNS and aims to verify and index phishing sites for public record.

Users report suspected sites, which are then verified by other users and catalogued. The site claims to have more than 2,400 registered users.

The project does not actively contact hosting providers to allow them to take down phishing sites.

John Roberts, vice president of products at OpenDNS, told vnunet.com that the company plans to launch an RSS feed later this month at the request of ISPs.

In recent weeks, new versions of Internet Explorer and Firefox were introduced with built-in phishing protection.

Roberts said he hopes that the browsers will reduce phishing, but he added: "Until the internet at large decreases the effectiveness of these criminal attacks, the number of phishing attacks will not change."