Phishers Compromise a Huge 81% of Legitimate Websites for Phishing

APWG (Anti-Phishing Working Group) through its latest research has discovered, of all domain names that are employed for malicious phishing, as many as 81% are legal that fraudsters have compromised.

In fact, according to APWG, of the total number of 30,454 phishing domains that APWG has been monitoring, phishers registered merely 5,591 domains. Another small number of phishing domains belonged to subsidiary domain resellers like ISPs or other services that rely on Web activities.

States APWG that phishing typically occurs on Web servers that have been compromised. According to it, the phishers host their fraudulent sites on these servers, while the operators of the sites get to know nothing about the happenings.

This technique therefore enables phishers to have free hosting, while efforts to shutdown the hosting account or domain name results in complications as it also adversely affects the site of the legitimate user. Typically, phishing through a site that has been compromised occurs within a subdirectory or on a subsidiary domain, where the operator of the site or visitors cannot easily notice the phishing activity.

Additionally, the reports states that in 13% of phishing assaults, phishers employed domains that they themselves created, while in 11% of incidences, sub-domains were used.

Moreover, during July-December 2008, about 6,340 sub-domains were employed to conduct phishing, a rise from 4,512 during January-June 2008.

Further, phishers keep on capturing specific Top-Level domains (TLDs) as well as specific registrars for domain names, while changing their choices from time to time. Approximately 57,000 phishing assaults globally attacked a particular organization or brand, a rise from about 47,300 during January-June 2008.

Also, the total of Internet numbers and names that phishers use has remained more or less constant during 2007-08. Phishers are as well closely watching for what do and do not trick users into falling for their ruses. Interestingly, fewer phishing attacks based on distinct IP addresses are being waged.

Meanwhile, according to a new advisory from APWG, users should determine the authenticity of the outside party, which warns that a particular site is compromised and that they need to investigate it for the arrest of future compromises.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 06-06-2009

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial