APWG Report: Numbers of Brands Targeted by Cybercrime Gangs Sustain Record High in February and March
July 2012 by APWG
The APWG reports in its Q1 2012 Phishing Activity Trends Report released this week that the number of brands targeting by phishing attacks sustained an all-time high of 382 in February and March of this year, while cybercrime gangs deployed a record number of phishing websites during the same quarter.
APWG Secretary General Peter Cassidy said, “The reach and ambition of cybercrime gangs advances apace today, a decade on from when the first phishing attacks were reported. In the first quarter of the year, reports received by the APWG indicate new record highs in the numbers of attacks on identifiable brands, the numbers of phishing websites to lure Web users - and in the proportion of malware executables comprised of advanced Trojans for cybercrime.”
The APWG reports that February and March 2012 sustained an all-time high of 392 brands targeted by phishers. This was an 8 percent increase from the previous all-time high of 362, recorded in December 2011. The previous high before December was 356, reached in October 2009.
Meanwhile, the number of unique phishing sites detected in a single month by the APWG reached 56,859 in February, which was an all-time high. The February figure eclipsed the previous record high of 56,362, which was recorded in August 2009, by almost 1 percent.
In the first three months of 2012, PandaLabs identified more than six million unique malware samples. Most of the infections were caused by Trojans (80 percent of all new malware samples), setting a new record high. According to Luis Corrons, PandaLabs Technical Director and APWG Trends Report contributing analyst, “This demonstrates that massive worm epidemics have become a thing of the past, and have been replaced by a silent Trojan invasion.”
“Phishing measurements are up across the board, with one of the biggest increases we have ever seen in a single quarter, said Ihab Shraim, CISO and VP, AntiFraud Operations and Engineering, MarkMonitor. “[W]e also observed the payment services category returning to its position as the second-most-popular phishing sector and large increases in activity in the social networking, ISP, and government sectors, too.”
Carl Leonard of Websense Security Labs said, “This quarter, we saw an interesting scam using a pdf attachment as a lure to capture personally identifiable information. The information in that pdf file was a faked signed document from a popular global banking institution.”