14 DAY TRIAL // The Kassel X-Force content research team made a market research to find out how many phishing websites appear every week and how many of them are really dangerous for the users. The results were really shocking: 100.000 new phishing pages are rolled out every week, 99.8 percent of them being based on automated phishing kits. This is incredibly dangerous for the Internet users because the software solutions currently available on the market are not able to face such an impressive number of pages every day so most of the applications might become vulnerable and useless.
"On the site registration side, we see that the phishing kits trace back to just 111 domain registrations - corresponding to an average of around 1000 sites hosted per malicious domain. And, just like my posting a couple of weeks ago, X-Force observed Hong Kong (.hk) registrations being most popular - constituting 33% of domains - followed by Taiwan (.tw) with 14% and then China (.cn) with 8%," Gunter Ollmann from the X-Force team said.
If you didn't know, the phishing websites represent some of the most important Internet threats because they are able to lure users to disclose their financial and private information. Obviously, there are several applications built with the purpose of discovering the phishing pages but, with 100.000 new websites appearing every day, it's very hard to discover all of them.
The phishing attempts can be often discovered with ease because they are based on a simple procedure: the attacker creates a page similar to a famous one such as a bank's website. After the website is built, it is uploaded on a domain similar to the original one to trick the user and make him think that he is visiting the official page. Very often, the attacker sends email messages to the customers of the site, in our case the bank, and requires them to re-enter their financial information in order to keep their account activated.