Phishers Grow Clever, Focus on the Money - Upward Trend
(Page 2 of 4 )
The Anti-Phishing Working Group said that the number of phishing reports it received came close to doubling in the seven months from December 2005 to June 2006, after remaining nearly stable from June 2005 through that December. In fact, the rise in reports between May and June was the largest ever recorded; more than eight thousand more attacks occurred in June than in May. The unique phishing reports (not multiple people submitting the same email) totaled 28,571. The one bit of cold comfort from this report is that the APWG believes most of this increase is due to its addition of new feed sources, which increased its sample size.
The number of unique phishing sites is no cause for complacency, however. They also came close to doubling over the course of a year, going from 4,280 in June 2005 to 9,255 in June 2006. It should come as no surprise that most phishers use port 80, which is also used for HTTP. It should also come as no surprise that more than 90 percent of all phishing attacks pretend to be from financial services industries such as banks and credit card companies.
Phishing sites are hosted by many companies, but this is still one area -- unfortunately -- where the United States leads the world. More than 35 percent of all phishing websites are hosted in the U.S., followed by China with 15 percent and the Republic of Korea with just over 10 percent. Sites do get pulled down, but probably not fast enough: on average, a phishing site is online for almost five days. The longest time the APWG knows of a phishing site staying online is 31 days. Even after a phishing site is pulled down by its ISP, it's worth noting that many phishers can simply go to another web host and quickly be back in business.
More Web Hosting News Articles
More By Terri Wells