APWG Cybercrime Report: Cybergangs Accelerating Velocity of Targeted Brand Development
May 2014 by APWG
The APWG is reporting in its latest /Global Phishing Survey: Trends and Domain Name Use/ study released late last month that cybercrime gangs are accelerating their substitution of targeted brands at an alarming new pace.
The authors revealed in the report of 2H 2013 phishing activity and DNS abuse that of the 681 targets that were phished in 2H 2013, some 324, almost half, were not phished in 1H2013. This is an unusual amount of turnover, and shows phishers trying out new targets at an alarmingly accelerated new tempo.
The complete report is available here: http://docs.apwg.org/reports/APWG_G...
"Phishers appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing. From the results of our latest survey, it is obvious that most any enterprise with an online presence can be a phishing target," said report co-author Greg Aaron of Illumintel.
As if to illustrate the trend toward rapidly expanding phishers’ target
base, APWG Research Fellow Gary Warner reported this month
The report also follows the continuing explosion of phishing activity in China. The authors found that phishers attacking Chinese brands were responsible for 85 percent of the domain names that were registered for specifically for mounting phishing campaigns.
"Malicious domain names ---meaning domain names registered by phishers directly, were at an all-time high ---nearly twice any prior survey. These domains were largely registered by Chinese phishers to attack Chinese targets but were registered in several TLDs at numerous registrars around the world, making it ever more important for registrars and registries to be on the lookout for fraudulent registration attempts," said report co-author Rod Rasmussen of IID.
Average uptimes of phishing attacks declined, and were close to historic lows, pointing to successes being routinized by anti-phishing responders and the enduring prevalence of shared virtual server attacks (still some 18 percent of all campaigns) which attract attention and batched take-downs.