The importance of SME IT services protecting their systems and educating their staff about the risk of phishing attacks has been highlighted by research from Gartner.

According to the firm's figures, some $3.18 billion (£1.6 billion) was lost in the US during 2007 to phishing attacks – affecting around 3.6 million adults.

Although the financial loss from each attack dropped from £664 to £444, the 1.3 million increase in crimes pushed the total financial cost higher than ever before.

"Phishing attacks are becoming more surreptitious and are often designed to drop malware that steals user credentials and sensitive information from consumer desktops," said Avivah Litan, vice president and analyst at Gartner.

"Anti-phishing detection and prevention solutions are available but not utilised widely enough to stop the damage. These must be deployed and combined with solutions that also proactively detect and stop malware-based attacks."

IT support teams are likely well aware of the potential risks of these malicious sites which mimic reputable web pages but siphon off the personal details entered by users in order to commit fraud.

However, staff members at small and medium-sized enterprises (SMEs) may not be so well-informed and could potentially expose company information or banking details by not spotting fraudulent websites.