/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsCAMBRIDGE, ENGLAND: The APWG reported in its latest Global Phishing Survey: Trends and Domain Name Use study released late last month that cybercrime gangs are accelerating their substitution of targeted brands at an alarming new pace.
"Phishers appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing. From the results of our latest survey, it is obvious that most any enterprise with an online presence can be a phishing target", the study revealed.
The authors revealed in the report of 2H 2013 phishing activity and DNS abuse that of the 681 targets that were phished in 2H 2013, some 324, almost half, were not phished in 1H2013. This is an unusual amount of turnover, and shows phishers trying out new targets at an alarmingly accelerated new tempo.
The complete report is available here: http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2013.pdf
Co-author Greg Aaron of Illumintel, said: "Phishers appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing. From the results of our latest survey, it is obvious that most any enterprise with an online presence can be a phishing target."
As if to illustrate the trend toward rapidly expanding phishers' target base, APWG Research Fellow Gary Warner reported this month phishing attacks using an online survey form against the Irish convenience store and grocery chain CENTRA.
The report also follows the continuing explosion of phishing activity in China. The authors found that phishers attacking Chinese brands were responsible for 85 percent of the domain names that were registered for specifically for mounting phishing campaigns.
"Malicious domain names meaning domain names registered by phishers directly, were at an all-time high, nearly twice any prior survey. These domains were largely registered by Chinese phishers to attack Chinese targets but were registered in several TLDs at numerous registrars around the world, making it ever more important for registrars and registries to be on the lookout for fraudulent registration attempts," said report co-author Rod Rasmussen of IID.
Average uptimes of phishing attacks declined, and were close to historic lows, pointing to successes being routinized by anti-phishing responders and the enduring prevalence of shared virtual server attacks which attract attention and batched take-downs.