Phishing Attacks and Domains

The Anti-Phishing Working Group (APWG) have published their report covering the first half of 2008.

The report is quite detailed, but some of the major points may be garnered from the first page introduction:

Our major findings are:

1. Phishers continue to target specific Top-Level Domains (TLDs) and specific domain name registrars, and shift their preferences over time. Metrics that measure the pervasiveness of phishing in TLDs provide a valuable way to identify exploitation by phishers who register domain names.

2. Anti-phishing programs implemented by domain name registries can have a noticeable effect on the up-times (durations) of phishing attacks. We see some direct correlation between the efforts of several large gTLD and ccTLD operators and the amount of time that phishing sites remained live within their TLDs.

3. Phishers are engaged in the large-scale use of subdomain services to host and manage their phishing sites. Such attacks even account for the majority of attacks in certain large TLDs.

The report also concludes that the number of phishing attacks using IP addresses has dropped, while the number using domains has increased, which would be a logical enough progression.

Business Wire has some coverage here, while you can read the entire report here:
APWG_GlobalPhishingSurvey1H2008.pdf

, , , , , , ,

Comments are closed.