The latest report from Anti-phishing Working Group (APWG) and Websense Security Labs highlights the increasing trends for hackers to target easier e-commerce companies rather than the familiar financial institutions.
The number of phishing reports the APWG received in April rebounded to 14,411, continuing a trend of slight growth during 2005. While the number of reported phishing domains has slightly dropped in April compared to March (2870), there was a very significant (the third largest on record) spike in the first week of April.
Websense Security Labs has seen a large increase in the number of credit unions that have been targeted in phishing scams in April. These range from regionally focused credit unions to niche credit unions that target particular employee sets. Hackers are modifying their attack methods by shifting away from attacking popular or large institutions.
Another notable trend is the decrease in the íjust an IP address domainsí percentage below. It has been falling for the past 3 months, and the strongest decrease was in April (11%). This trend shows the growing skill of phishers in disguising their scam attempts to trick end users.
Highlights of the report include:
Number of active phishing sites reported in April: 2854
Average monthly growth rate in phishing sites July 2004 through April 2005: 15%
Number of brands hijacked by phishing campaigns in April: 79
Number of brands comprising the top 80% of phishing campaigns in April: 7
Country hosting the most phishing websites in April: United States
Contain some form of target name in URL: 33 %
No hostname just IP address: 37 %
Percentage of sites not using port 80: 5.5 %
Average time online for site: 5.8 days
Longest time online for site: 30 days
Mark Murtagh, Technical Director EMEA for Websense comments: One of the things we have noticed is a trend where hackers are modifying their attack methods by shifting away from mimicking large financial organisations, and are now focussing on global e-commerce companies. As phishers try to further disguise their scam attempts to trick end users, there has been a fall in the number of sites that contain no domain name. This has been falling over the past 3 months, and the strongest decrease was in April, where it hit 11%. Cousin URLs (domain names which look similar to actual domain name) are being used to give the impression of legitimacy .
Please let me know if you would like any further details, as always happy to put you in touch. The full report is available at
Latest report from the Anti-phishing Working Group (APWG) and Websense Security Labs
.
