|[September 18, 2013]
APWG Cybercrime Report: More Brands Menaced by Phishing
SAN FRANCISCO --(Business Wire)--
The APWG is reporting in its latest Global Phishing Survey:
Trends and Domain Name Use study that an increasing number of brands
and their users have been targeted by phishers. The number surged nearly
20 percent between the second half of 2012 and the first half of 2013.
The study, released at the APWG's annual conference in San Francisco,
found that criminals targeted 720 brands, an increase of almost 18
percent from the second half of 2012. Many brands were attacked several
times a week on average, with eighty brands attacked 100 or more times
each during the 26-week period. Half of the targets were attacked one to
three times during the period.
"This increase shows that phishers are looking for new opportunities,
and new victims," said Rod Rasmussen, President & CTO of IID, and a
co-author of the study.
APWG analysts found that PayPal (News - Alert) was again the world's most-targeted
institution for phishing attacks, with some 18 percent (13,498 attacks)
of all campaigns directed against the company and its users in 1H2013.
Taobao.com, the Chinese shopping site, was second-most-attacked in the
survey period with 9 percent (6,605) of recorded phishing attacks.
Of the 53,685 phishing domains identified, the authors found 12,173
domain names that they believe were registered maliciously by
phishers--double the 5,835 found in 2H2012. This increase is
attributable to a sudden increase in domain registrations by Chinese
phishers. Of these malicious registrations, at least 8,240 (68%) were
registered to phish Chinese targets-services and sites in China that
serve a primarily Chinese customer base. The phishing sites used domain
names purchased at both Chinese and American registrars, and were hosted
in China, the United States, and elsewhere.
"A large portion of phishng attacks used domain registration, hosting,
and payment processing companies in different countries," said Greg
Aaron, President of Illumintel Inc., and a co-author of the study. "As a
result, everyone ended up losing--except the phishers. It's a reminder
that timely, international cooperation in the private sector is needed
in order to combat e-crime."
The full text of the report is available here:
Other highlights of the report include:
Vulnerable hosting providers are inadvertently contributing to
phishing. Mass compromises led to 27 percent of all phishing attacks.
Phishers continue to take advantage of inattentive or indifferent
domain name registrars, registries, and subdomain resellers. The
number of top-level registries is poised to quintuple over the next
The average and median uptimes of phishing attacks are climbing.
About the APWG
The APWG, founded in 2003 as the Anti-Phishing Working Group, is the
global industry, law enforcement, and government coalition focused on
unifying the global response to electronic crime. Membership is open to
qualified financial institutions, online retailers, ISPs and Telcos, the
law enforcement community, solutions providers, multi-lateral treaty
organizations, research centers, trade associations and government
agencies. There are more than 2,000 companies, government agencies and
NGOs participating in the APWG worldwide. The APWG's www.apwg.org
and education.apwg.org websites
offer the public, industry and government agencies practical information
about phishing and electronically mediated fraud as well as pointers to
pragmatic technical solutions that provide immediate protection. The
APWG is co-founder and co-manager of the Stop. Think. Connect. Messaging
Convention, the global online safety public awareness collaborative www.stopthinkconnect.org
and founder/curator of the eCrime Researchers Summit, the world's only
peer-reviewed conference dedicated specifically to electronic crime
[ Back To Technology News's Homepage ]