Phishers increasingly target brands
Posted on 19 September 2013.
The APWG is reporting in its latest Global Phishing Survey: Trends and Domain Name Use study that an increasing number of brands and their users have been targeted by phishers. The number surged nearly 20 percent between the second half of 2012 and the first half of 2013.


The study, released at the APWG’s annual conference in San Francisco, found that criminals targeted 720 brands, an increase of almost 18 percent from the second half of 2012. Many brands were attacked several times a week on average, with eighty brands attacked 100 or more times each during the 26-week period. Half of the targets were attacked one to three times during the period.

“This increase shows that phishers are looking for new opportunities, and new victims," said Rod Rasmussen, President & CTO of IID, and a co-author of the study.

APWG analysts found that PayPal was again the world’s most-targeted institution for phishing attacks, with some 18 percent (13,498 attacks) of all campaigns directed against the company and its users in 1H2013. Taobao.com, the Chinese shopping site, was second-most-attacked in the survey period with 9 percent (6,605) of recorded phishing attacks.

Of the 53,685 phishing domains identified, the authors found 12,173 domain names that they believe were registered maliciously by phishers--double the 5,835 found in 2H2012. This increase is attributable to a sudden increase in domain registrations by Chinese phishers. Of these malicious registrations, at least 8,240 (68%) were registered to phish Chinese targets—services and sites in China that serve a primarily Chinese customer base. The phishing sites used domain names purchased at both Chinese and American registrars, and were hosted in China, the United States, and elsewhere.

“A large portion of phishing attacks used domain registration, hosting, and payment processing companies in different countries,” said Greg Aaron, President of Illumintel Inc., and a co-author of the study. “As a result, everyone ended up losing--except the phishers. It’s a reminder that timely, international cooperation in the private sector is needed in order to combat e-crime.”

The complete report is available here.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //