Often posing as legitimate organizations, phishing attackers continue to deceive credit union members and bank customers into disclosing their personal information and account credentials, according to a new report.
The Miami-based fraud protection firm Easy Solutions' report, “Know Your Enemy: Understanding Phishing Strategies,” analyzed more than 3,030 phishing attacks on the top 25 U.S. financial institutions that took place from September to December 2015.
The report revealed just how specific phishers are getting in their attacks, as well as common themes.
The Easy Solutions research team grouped phishing sites into three main clusters, based on site creation and registration of site domains. The report also found the average number of potential targets per phishing attack was only 190 individuals.
This indicated willingness on the phishers' part to essentially “smash and grab,” and set up unique sites likely visited by only a very small number of victims, the firm said. Attackers either sell or use the stolen data to commit fraud, causing irreparable damage to financial institutions and account holders.
Easy Solutions researchers dove deeper into the data by identifying 12 subgroups, which helped the team understand the attackers' strategies, locations and motivations, the firm said.
“These findings are important because they demonstrate that it is possible to effectively characterize a diverse attacker population that is persistently launching attacks against a brand,” Daniel Ingevaldson, chief technology officer for Easy Solutions, said. “When institutions can more effectively characterize their attackers, they can then more successfully combat phishing attacks. Only by studying how these criminals operate can we develop more effective countermeasures, to help financial institutions reduce the rate of successful phishing attempts on their brands.”
According to Easy Solutions, understanding the different strategies used by criminal organizations to conduct phishing attacks is valuable, and has become critical to the development of more effective detection and takedown tools.
The research team grouped phishing sites into the following three main clusters, based on fake website creation techniques and domain registration:
Group 1: Sites neither resemble nor reference the original sites they targeted.
Group 2: Sites are copies of the target sites, with all page content hosted by the attackers themselves.
Group 3: Sites are copies of the target sites with references to most of the original site content. These are the simplest attacks and the easiest to deploy.
Easy Solutions said when institutions can more effectively characterize their attackers, they can then more successfully combat phishing attacks – for example, by fine-tuning consumer education campaigns, changing website countermeasures or adjusting risk scoring during phishing campaigns.