Phishing websites reach all-time high
New detection technnology accounts in part for the rise, which shows how cybercriminals are still hard at work
IDG News Service - The number of phishing websites detected reached an all-time high earlier this year, a sign that making fake websites spoofing real ones is still a lucrative trade for cybercriminals.
In its latest report, the Anti-Phishing Working Group (APWG) said 56,859 phishing sites were detected in February, beating the previous record high in August 2009 by nearly 1 percent. APWG is a nonprofit consortium composed of banks, security vendors and others with a stake in tracking cybercrime trends.
Phishing sites are websites that look nearly identical to the legitimate ones and often mimic known brands. Leveraging the trust users put in the legitimate companies, cybercriminals succeed in tricking victims into divulging logins, passwords and other sensitive information.
The APWG noted in its report that the increase in the number of phishing websites was in part due to new technology that it began using earlier this year to detect fraudulent sites.
More than 38 percent of the fake websites were related to financial services, according to the APWG's report. The second most spoofed market vertical was payment services, followed by retail and other service sites. The sites spoofed 392 brands, also a new record.
"All manner of commerce is transacted online today and in that are opportunities for new and provocative scams, leveraging some part of the customer-enterprise relationship that is unique to the domain," said Peter Cassidy, secretary general of the APWG. "People are tougher to fool with phishing, but they still can be in the hands of a creative scam artisan."
The U.S. hosted the most fake sites. About half of the phishing sites for the first quarter of 2012 used some form of a brand in their URL, which often tricks people.
On the bright side, though, phishing sites are being taken down faster than ever due to better security technologies. But "the problem is a lot of campaign schemes are built around deployment of lots of landing websites for a single campaign to complicate the work of putting down the attacks," Cassidy said.
Send news tips and comments to email@example.com
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Malware and Vulnerabilities White Papers | Webcasts