Nearly 73,000 Phishing Web Sites has registered in the first half of 2013

Posted: September 26, 2013 in IT Security News
Tags: , ,

Spam and phishingThere were at least 72,758 unique phishing attacks worldwide (APWG: Global Phishing Survey, published 18 September 2013)

In January – June 2013 Anti-Phishing Working Group (APWG) has registered just over 72.7 million phishing web sites, whereas in the previous six months was found 123.5 thousands of such resources. Fake sites were found in 53.7 million unique domains – against 89.7 million  in 2012’s second half. Experts attribute this decline declining popularity of virtual hosting phishing community.

During the reporting period, the phishers prefer to place their traps in legal areas, compromised by mass hacking (27% of phishing sites). Have not lost their popularity and trust of registration: from 53.7 million related to the phishing domains over 12,000 phishers are registered legally. It is twice more than in July – December 2012. This increase was caused by the activation of phishing in China: according to the APWG, 68% of registered domain names used for phishing attacks on Chinese targets. In this country, there is an intensive growth of medium-income segments of the population who are willing to use e-commerce services. In this case, the Chinese phishers, according to experts, prefer to place their traps, buying domains – mostly from local or U.S. registrars.

Phishing Attacks - Basic Statistics

Phishing Attacks – Basic Statistics

Number abuses the service sub-domains also decreased: in the first half of the share of phishing sites hosted on subdomains, had only 10% of the traps. Most of these sites have been registered through the new, not yet sullied themselves abuse the service. The largest number of abyuzov in the reporting period was found in the office of the German company UNONIC, offering free registration in the TLD-zone .tf (French Southern Territories, including Antarctica).

Phishing web sites have been found in the TLD – 194 domains , with about half of these traps ( 48% ) were in the area .com. Only 82 % of websites registered by phishers, were placed in the domain .com, .tk ( Tokelau ) and .info. Median concentrations of phishing fraud (based on 10 million registered domain names ) in the last half of the year was 3.1. APWG rating on this indicator led .pw (Palau, now in the open enrollment ), .np ( Nepal ), .th ( Thailand) and .si ( Slovenia ) with exponents 19.8, 19.7, 19.1 and 18.1 respectively. In comparison, a .com it was only 2.5 .

Phishing Attacks - Domains

Phishing Attacks – Domains

The number of attacked brands has increased by almost 18 % – to 720. During the reporting period, half of the targets attacked by phishers 1-3 times, 80 of the most popular brands – at least 100 times. At the same time, according to statistics APWG, on the banks had 40.4 % of unique attacks ( phishing simulations ) for payment services – 19.6 %, and e-commerce 16,6%, on social networks and e-mail services 12.4%. The most popular target of phishers are still PayPal (18,3% of attacks ), and China’s largest trading marketplace Taobao.com ( 9%).

Phishing Attacks Target Distribution

APWG noted with satisfaction that the volume of short links in a mass phishing URL drastically reduced. Apparently, this is the result of strengthening the fight against the owners of these services with abuses.

The average lifetime of phishing sites, unfortunately, continues to grow: in January – June, it was 44 hours 39 minutes, while in the second half of 2012 – 26 hours and 13 minutes. The median lifetime is now 12:00 52 minutes, which is almost two times higher than the former, a record low .

Global Phishing Survey: Trends and Domain Name Use in 1H2013 (Published 18 September 2013) http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_1H2013.pdf

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s