Most Phishing Scams Spoof eBay Brand
A report from PhishTank reveals that online auction site eBay and its subsidiary payment site PayPal were used as lures in as many as 63,437 phishing e-mails.
PhishTank, the firm that monitors and clears phishing data and which OpenDNS operates, shares database with Yahoo! Mail, Mozilla and various other software companies. PhishTank was submitted with 300,000 separate phishing scams over the period October 2006-September 2007.
The use of spoof PayPal was in 31,719 e-mails, and fake eBay name was used in almost the same number of e-mails, according to the PhishTank report.
Different banks with verified phishes falsifying the brand were Barclays Bank in the third position with 6,515 spoof sites, Bank of America with 5,727 and Third Bank with 4,191 spoof sites that rounded up to the fifth place.
The report further showed that the maximum number of phishing attacks at 30% originated in the US. South Korea and China were the second and third worst hosting countries respectively.
David Ulevitch, Chief Executive Officer, OpenDNS, said that a majority of the phishing sites submitted to them tend to have the US as the hosting country although the domain names have different country codes. Typically, a DSL company or a residential cable based in the US host the phishing site. SCMagazine published this in news on October 12, 2007.
So the finding indicates that phishing scams originating wholly from foreign countries is a misconception. The problem of phishing is elated more to United States than what people generally know, said David Ulevitch. Darkreading published Ulevitch's statement on October 9, 2007.
An exception was in November 2006 when the US came down from the first rank with South Korea overtaking it.
The report also reveals that leading networks hosting the phishing sites belonged to SBC (53,666); Comcast (28,016); and Roadrunner (25,925). According to PhishTank, every two minutes, there is one new phishing attack being launched.
Some more important findings are: only three Internet Protocol (IP) addresses host 18% of the total phishing sites, and site URLs ending with .cn (China) belong to four of the five highest ranking Websites, with the maximum number of verified phishing scams.
» SPAMfighter News - 30-10-2007