APWG Reports Record Spike in Phishing Websites
Fraudsters are phishing the Internet in record numbers, according to the latest report from the APWG.
The industry consortium said at its conference in Puerto Rico this week that phishing websites proliferated at record speed in the first half of 2012.
And while the uptime of phishing websites – phony sites that steal credentials for later use by cyber thieves – dropped, meaning they were spotted and taken down more quickly, more sites than ever are appearing, the APWG said.
"Phishers seem to be concentrating their efforts on compromising legitimate websites using automated attack tools, or purchasing access to them on the burgeoning underground market," said Rod Rasmussen, CTO of Internet Identity in Tacoma, Wash., and co-author of “Global Phishing Survey: Trends and Domain Name Use in 1H2012.”
Rasmussen said average uptimes of phishing attacks dropped to a record low of 23 hours and 10 minutes in the first half of the year, about half of what it was in late 2011, and by far the lowest since the report series was inaugurated in January 2008.
But the study also found that there were more phishing attacks in the period – at least 93,462, up 12% from the last six month of 2011.
The report highlights a major increase in the use of tactic that allows a criminal phisher to create hundreds of phish at once. Shared hosting is a growing phenomenon, using Web servers that host a large number of domains and allowing thousands of websites at a time to be infected with malware that can be used to steal funds electronically.
The full report is available online.
Founded as the Anti-Phishing Working Group in 2003, the APWG is a global coalition of more than 2,000 industry, law enforcement and government coalition members focused on unifying the response to electronic crime.