Netcraft has published some statistics about phishing on their site.
"In its first year, the Netcraft Toolbar Community has identified more
than 450 confirmed phishing URLs using "https" urls to present a secure
connection using the Secure Sockets Layer (SSL). The number of phishing
attacks using SSL is significant for several reasons. Anti-phishing
education initiatives have often urged Internet users to look for the
SSL "golden lock" as an indicator of a site's legitimacy. Although
phishers have been using SSL in attacks for more than a year, the trend
seems to have drawn relatively little notice from users and the
technology press.
Case in point: The use of SSL certificates in phishing scams
made headlines in September when a security vendor issued a press
release warning of a scam in which a spoofed phishing site used a
self-signed certificate, presenting a gold lock icon but also
triggering a browser warning that the certificate was not recognized.
In this case, the phishers were banking on the likelihood that many
users will trust the padlock and ignore the certificate warning.
Despite the attention, the attack wasn't particularly new or novel." –
Netcraft
Article Link Netcraft Phishing Attack Statistics
