APWG Finds Phishers Lurk in Familiar Waters
A survey of phishing attack targets by the Anti-Phishing Working Group found that many of them were repeat victims of hackers.
The APWG's Internet Policy Committee began an online survey about 18 months ago that sought input from managers of websites that had been exploited in phishing attacks and other malevolent efforts.
Of the 270 who completed surveys through March, 37% said they had phishing or spoof sites planted on their Web servers two or more times, which the APWG said speaks to the difficulty of securing an online enterprise.
The most frequently attacked operating system among survey respondents was Linux OS
(76%). Attack victims reported that they used Apache as their Web server in 81% of the responses, MySQL as their database application in 81% of the responses, and PHP/Java as their application platform in 82% of responses.
“While we acknowledge that ‘LAMP’—Linux, Apache, MySQL, PHP—is the most popular Web operating environment, the APWG IPC is concerned that this profile is exploited with such apparent frequency,” the industry trade group said in a report.
“Phishers value compromised Web sites highly because they are much harder for interveners to take down. They're confident that they'll be able to identify and exploit sites, and do so repeatedly. Victims are not mitigating exploits entirely or are not implementing adequate measures to keep them away,” said APWG Research Fellow Dave Piscitello of ICANN.