The Anti-Phishing Working Group (APWG) published a report on phishing in the
first half of 2011:
http://www.apwg.org/reports/APWG_GlobalPhishingSurvey_1H2011.pdf
Lots of statistics on phishing, such as a significant rise in attacks compared
to the previous six months, which was largely due to attacks on Chinese
organisations and their customers.
One thing I found interesting, and which prompted me to post about it here, is
that only 2% of the phishing domains contained the brand name or a variation
thereof (e.g. paypaI dot com) and they've only seen two examples of phishing
attacks using IDNs and homographs (e.g. fácebook dot com) since 2007.
Also, only 18% of the domains used (down from 28%) were registered by the
phishers themselves; the other domains were hacked or compromised.
It suggests that phishers do care about the reputation of domains as used by
email/web filters (does the domain have a history of legitimate content?), but
little about reputation among users (does the domain look like the one I expect
for this site?).
I'm not sure about their definition of 'phishing'. This could have some
influence on their statistics.
Martijn.
Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
Company Reg No: 2388295. VAT Reg No: GB 532 5598 33.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg