14 DAY TRIAL // The number of brands whose names are leveraged in phishing scams is constantly increasing, experts say. According to a new study released by the Anti-Phishing Working Group (APWG), 720 brands were targeted by cybercriminals in the first half of 2013.
This represents an 18% increase compared to the second half of 2012. Unsurprisingly, PayPal was the most targeted company, 18% of all phishing campaigns being aimed at the company and its customers. PayPal was followed by Chinese shopping site Taobao.com with 9% of all recorded attacks.
“This increase shows that phishers are looking for new opportunities, and new victims,” noted Rod Rasmussen, president and CTO of IID, and a co-author of the study.
The figures show that, on average, many brands were targeted several times a week. More precisely, eight brands have been attacked 100 or more times, while half of the companies were targeted 1-3 times during the 26-week period of the study.
A total of over 53,000 domains have been used for phishing. Of these, more than 12,000 are said to be registered maliciously by cybercriminals. The major rise since H2 2012, when there were only 5,835 domains registered by phishers, is attributed to a sudden increase in domain registrations made by China-based actors.
Illumintel President Greg Aaron, a co-author of the study, said, “A large portion of phishing attacks used domain registration, hosting, and payment processing companies in different countries. As a result, everyone ended up losing--except the phishers. It’s a reminder that timely, international cooperation in the private sector is needed in order to combat e-crime.”
The APWG report also shows that the average and median uptimes of phishing attacks are increasing. It also highlights the fact that 27% of such cybercriminal operations leverage vulnerable hosting providers that are inadvertently contributing to phishing.
The complete Global Phishing Survey is available on APWG’s website.