The reason for this, he says, is that whilst online schemes to steal money from internet users have been around for a while, past attempts have often been manual, tedious efforts.
"Nevertheless, their persistent reappearance indicates that these campaigns have been successful. In fact, to improve the odds, todays initiatives feature much more sophisticated, automated tactics", he said in his latest security blog.
Because of this, Rachwald reports that his research team has spotted that past hacker successes have helped inspire a new set of tools and approaches to defraud consumers.
The tools, he says, are starting to focus on the lure of tax refunds, which are pitched at UK and US internet users.
The Imperva security director adds that, although hacker groups operate with intentions to defraud consumers, it is interesting to describe their attempts from the perspective of both the victim and the hacker.
The victim's perspective, he says, centres on traditional phishing attempts – using a phishing email and a bogus website – with a tax-centric theme
The hacker's perspective, meanwhile, uses email and a high degree of automation to get the message into as many mailboxes as possible, and reduce the time and cost involved with setup, deployment, and monitoring.
And now here's the bad news, as Rachwald argues that, given the persistence and frequency of phishing – especially the resurgence of current tax schemes – his research team is less hopeful that a consumer-centric solution will have a sufficient impact.
"Like it or not, this means businesses will have to bear the burden. Considering the real business impact, enterprises need to know if they are hosting a phishing site" he says.