Search for your perfect domain name...

Phishing Attacks and Domains

November 25th, 2008|

|

Share this post

Phishing Attacks and Domains

The Anti-Phishing Working Group (APWG) have published their report covering the first half of 2008.

The report is quite detailed, but some of the major points may be garnered from the first page introduction:

Our major findings are:

1. Phishers continue to target specific Top-Level Domains (TLDs) and specific domain name registrars, and shift their preferences over time. Metrics that measure the pervasiveness of phishing in TLDs provide a valuable way to identify exploitation by phishers who register domain names.

2. Anti-phishing programs implemented by domain name registries can have a noticeable effect on the up-times (durations) of phishing attacks. We see some direct correlation between the efforts of several large gTLD and ccTLD operators and the amount of time that phishing sites remained live within their TLDs.

3. Phishers are engaged in the large-scale use of subdomain services to host and manage their phishing sites. Such attacks even account for the majority of attacks in certain large TLDs.

The report also concludes that the number of phishing attacks using IP addresses has dropped, while the number using domains has increased, which would be a logical enough progression.

Business Wire has some coverage here, while you can read the entire report here:
APWG_GlobalPhishingSurvey1H2008.pdf

Share with a friend!

About the Author: Michele Neylon
Known for his outspoken opinions on technology and the Internet, Michele Neylon is the award winning author of several blogs and co-host of the Technology.ie podcast. A thought leader in the Internet community, Neylon is active within ICANN and an expert on policy, security, domains, ICANN, Nominet and Internet Governance. You can stalk him on various social media networks including Twitter and Instagram
Go to Top