Security : Technology : Network :
Cybergangs Accelerating Velocity
The APWG is reporting in its latest Global Phishing Survey: Trends and Domain Name Use study released late last month that cybercrime gangs are accelerating their substitution of targeted brands at an alarming new pace.
“Phishers appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing. From the results of our latest survey, it is obvious that most any enterprise with an online presence can be a phishing target”
The authors revealed in the report of 2H 2013 phishing activity and DNS abuse that of the 681 targets that were phished in 2H 2013, some 324, almost half, were not phished in 1H2013. This is an unusual amount of turnover, and shows phishers trying out new targets at an alarmingly accelerated new tempo.
The complete report is available here: http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2013.pdf
“Phishers appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing. From the results of our latest survey, it is obvious that most any enterprise with an online presence can be a phishing target,” said report co-author Greg Aaron of Illumintel.
As if to illustrate the trend toward rapidly expanding phishers’ target base, APWG Research Fellow Gary Warner reported this month phishing attacks using an online survey form against the Irish convenience store and grocery chain CENTRA.
The report also follows the continuing explosion of phishing activity in China. The authors found that phishers attacking Chinese brands were responsible for 85 percent of the domain names that were registered for specifically for mounting phishing campaigns.
“Malicious domain names — meaning domain names registered by phishers directly, were at an all-time high — nearly twice any prior survey. These domains were largely registered by Chinese phishers to attack Chinese targets but were registered in several TLDs at numerous registrars around the world, making it ever more important for registrars and registries to be on the lookout for fraudulent registration attempts,” said report co-author Rod Rasmussen of IID.
Average uptimes of phishing attacks declined, and were close to historic lows, pointing to successes being routinized by anti-phishing responders and the enduring prevalence of shared virtual server attacks (still some 18 percent of all campaigns) which attract attention and batched take-downs.
About the APWG
The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide.
The APWG's www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the STOP. THINK. CONNECT. Messaging Convention, the global online safety public awareness collaborative www.stopthinkconnect.org and founder/curator of the eCrime Researchers Summit, the world’s only peer-reviewed conference dedicated specifically to electronic crime studies www.ecrimeresearch.org.
Advertise your product/service here!