Phishers are moving away from big banking institutions and heading for smaller targets, according to the Anti-Phishing Working Group (APWG).

In its study of phishing activity in February the group found that, while four out of five attacks were still on six major banks, the number of smaller organisations being targeted is rising fast.

The APWG monitored attacks against Amazon and Monster.com, as well as local financial institutions like Bank of Dubai and Royal Bank of Canada.

"Attacks on the bigger brands are on the decrease," said Mark Murtagh, technical director of Websense, which provided much of the data for the report.

"While a huge number still go for big brands, smaller firms and non-financial institutions are being increasingly targeted. It's about increasing the probability of a successful catch, and the returns on that catch."

Murtagh acknowledged that the efforts by some banks to educate customers may have helped, but pointed out that phishers do not always target banks to get financial information.

For example, if the phishers can get the user ID and password for an Amazon account that has 'One Click' set up they get full access to the customer's credit card details. In another form of attack an email claiming to be a gift certificate from the online bookseller is in fact a piece of malicious code.

The move away from banks towards e-commerce sites began at Christmas but is accelerating. Over the past month over 13,000 new phishing emails were discovered.