14 DAY TRIAL // Everybody knows the phishing attacks are extremely dangerous for any Internet user, either protected or not, because they attempt to steal login credentials or bank information and use them in other malicious activities. Very often, a user can easily discover a phishing attempt, by analyzing the URL link. But, this is not a security measure anymore, as the attackers are now trying to use shorter links, in order to lure visitors to enter them.
Ralf Iffert, of IBM Internet Security Systems, wrote on the blog that most phishers adopted this strategy as a new technique of conducting exploit over the vulnerable users. However, it's not yet confirmed if this is only a test or if it's a new trend in phishing attacks.
"Over the last few months our Kassel based X-Force analysts have been observing host names within fraudulent phishing URL's consistently arrive with lengths of between 30 and 37 characters. Last weeks phishing statistics noted a significant change as we observed that these phishing host names have now shrunk to an average of only 17 characters in length," the ISS official wrote on the blog post.
Although the attackers aim to adopt new strategies and launch different exploits, the number of their attempts has not been reduced at all. Moreover, the number of the malicious emails sent to potential victims is constant, continuing to an "average between 0.2% and 1.6% of all spam mail volume", as the same source noted. That's why you're always advised to ignore untrusted emails and avoid clicking on the URL sent by unknown contacts.
"Overall, the phishers did not reduce the volume of their attacks, but appear to have adopted shorter URLs to avoid the suspicion of their potential victims. This means that the probability of the Phisher reusing a particular host name in multiple phishing emails has increased considerably," Ralf Iffert continued.