All the latest UK technology news, reviews and analysis
|
|
|
30 May 2007
The number of unique phishing websites detected by the Anti-Phishing Working Group (APWG) rose by a factor of 2.5 to 55,643 between March and April 2007.
The figures form part of the APWG's Phishing Activity Trends Report (PDF) which highlighted aggressive sub-domain phishing tactics in which phishers load a large number of dangerous URLs on the same domain.
This method is similar to tactics employed by phishing gangs in late 2006, when phishers were placing thousands of phishing URLs under the same domain.
"They are trying to overwhelm the filtering mechanisms in browsers and anti-phishing programs by using many URLs, some of which may resolve to the same phishing site," said Peter Cassidy, secretary general of the APWG.
Phishers create unique URLs by randomising the subdomain of a registered site to create new addresses that are not found on security software blacklists, thereby avoiding detection.
Financial services continue to be the most targeted industry sector at 92.5 per cent of all attacks in April, followed by social networking sites, VoIP companies and large web-based email providers.
The US continued to host the most phishing websites and several large US banks were among the most-attacked brands. Two top US banks were targeted for at least two months in a row.
A large number of European banks were hit in April, making up seven of the 20 most targeted brands over the course of the month.
Despite the huge jump in phishing sites, the unique phishing reports submitted to the APWG in April was 23,656, a drop of over 1,000 from March.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
BUSINESS SYSTEMS DIRECTOR (You will ideally have worked...
Application Production Engineer - Application Engineer...
C#/ C++ * Software Engineer* 3D Graphics skills - Global...
Senior Low Latency Consultant, Low Latency Project Management...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
The ISP's should do more
The situation would be a lot better if ISP's blocked known spammers. My ISP offered a service but it was no better than the spam filtering in Outlook. My domain received on average 70% spam per day and it's all the usual stuff. It's more of an annoyance than anything else. ISP's should be forced to at the very least filter IP addresses at the smtp gateway to block known spammers!
Posted by: Crookie 21 Jun 2007
Spam, phishing, viruses? Time to lay the blame on the ISP
I have just been inundated with rubbish from: support[+a 4-figure number]@paypal.de. The Help page from my ISP (Onetel.com) is as clear as a starless sky on a stormy night. I use Norton Antivirus, so my computer should be protected against any intruders. I have decided that my ISP is as responsible as I am in protecting myself (after all, I pay them!). Therefore, instead of simply creating a black list, I ask My Norton or Outlook Express, not to download from server. This is my small protest. Once the ISPs are clogged with rubbish, I am sure they will wake up.
Posted by: MCLai 20 Jun 2007