November 9, 2011, 3:04PM
Report: Phishing Domain Registrations Way Down
Comment 
Online criminals registered far fewer Web domains for use in phishing attacks in the first half of 2011, in what may signal a decrease in phishing scams, according to a global phishing survey released this month by the Anti-Phishing Working Group (APWG).
In all, the group observed phishing attacks against 520 target institutions, among them: leading banks, e-commerce Web sites, Internet Service Providers (ISPs), lotteries, government tax bureaus, postal services, and stock-holding securities companies. Of just under 80,000 phishing domains reported, only 18 percent (14,650) were believed to have been registered by the phishers themselves. That figure is down from the second half of 2010, when phisher-registered domains accounted for 28 percent of such domains. Furthermore, the median uptimes for such scams were the lowest the APWG has ever recorded, the group said.
Registrations of suspected phishing domains that contain recognizable brand-names are down significantly from past surveys.
Editor's Pick
However, the drop was not seen everywhere. Chinese language phishing domains accounted for 70 percent of the 14,650 malicious domain name registrations APWG observed - a 44 percent increase from the previous quarter. Many of those phishing scams are targeting Chinese Internet users, but reside on systems operated by low-priced domain providers located outside of the PRC.
APWG said that it saw an increase in phishing scams that rely on compromises of shared virtual servers and using those systems as attack platforms is increasing in popularity. This method now accounts for 37 percent of all phishing attacks, allowing scammers to cast a wide net, using high volume attacks originating from large numbers of domain names.
Phishers continued to rely heavily on subdomain registration services in the first half of 2011, while attacks that exploited URL shortening services like bit.ly were surprisingly rare, the report concluded.
You can find the entire APWG report here [.pdf].
Commenting on this Article is closed.
Today's Most Popular
- Iranian Students Claim to have Stolen Thousands of Researcher's Records
- Why Google Won't Protect You From Big Brother
- Report: Diablo III Users Find Accounts Hacked, Gold Stolen And New 'Mystery' Friends
- OPINION: Are Anonymous Members Forged in the Crucible of IT Compliance?
- Forget 'Brogrammers,' Women Have The Edge In DEFCON Social Engineering Contest
Most Commented Stories
-
Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops (8)
-
Forget 'Brogrammers,' Women Have The Edge In DEFCON Social Engineering Contest (7)
-
Report: Diablo III Users Find Accounts Hacked, Gold Stolen And New 'Mystery' Friends (2)
-
New P2P Zeus Variant Targets Popular Sites with Bogus Offers (1)
-
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you (1)
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
21%
Only connect to password-protected, secure connections
39%
Only use websites with HTTPS
27%
I don’t pay attention to how I access the internet while traveling
13%
Total votes: 62
Follow Threatpost
 |  |  |  |
| Tumblr |
