TMCnet News
Anti-Phishing Working Group Announces December Phishing Trends Report; Financial Services Sector Increasingly TargetedMENLO PARK, Calif. & CAMBRIDGE, Mass. --(Business Wire)-- Jan. 24, 2005 -- The Anti-Phishing Working Group (APWG) today reported that the financial services sector peaked at 85% of all reported phishing attacks during December, a deepening concentration of a sector that ran usually between 70-80% of all reporting phishing attacks. APWG Chairman David Jevans said, "No brand is really safe, but it is interesting to note that the concentration on phishing attacks against financial institutions actually increased to a new high during a time when many were concerned that opportunistic phishers would spoof retail sites, using consumers urgency to keep their e-commerce accounts in order to complete their holiday shopping in time." The APWG report also suggests that the proliferation in the number of attack targets continues to rise, running from 44 in October, 51 in November to 55 in December. "The concurrent proliferation of targeted brands and concentration of phishing focus on financial institutions is, of course, disturbing. While not quite yet definable as a trend, the survey suggests movements in the fragmentation of brand targets that we will be asking our analysts to interrogate in greater depth in future reports," said Chairman Jevans. The report authored jointly by analysts from Websense(R) Security Labs(TM) and Tumbleweed Communications for the APWG shows the relentless increases in phishing attacks that have been apparent all through 2004: -- Number of active phishing sites reported in December: 1707 -- Average monthly growth rate in phishing sites July through December: 24% -- Number of brands hijacked by phishing campaigns in December: 55 -- Country hosting the most phishing websites in December: USA -- Contain some form of target name in URL: 24% -- No hostname just IP address: 63% -- Average time online for site: 5.9 days -- Longest time online for site: 30 days The full text of the report is available online at: http://antiphishing.org/APWG%20Phishing%20Activity%20Report%20-%20Dec ember%202004.pdf. (Due to its length, this URL may need to be copied/pasted into your Internet browser's address field. Remove the extra space if one exists.) The Anti-Phishing Working Group The APWG is the global counter-phishing organization of stakeholders confronting the phishing threat, including national law enforcement agencies, national regulatory agencies, global banks and financial institutions, national ISPs, ISVs, hardware vendors and e-commerce companies. The group, formed in 2003, has more than 1110 members worldwide from more than 700 companies and government agencies, as well as some 70 sponsors including: ActivCard (ACTI), Affinity, Aladdin Knowledge Systems, Anakam, Cloudmark, Corillian (CORI), Cyota, Cyveillance, Datanautics, DigitalEnvoy, Entrust (ENTU), Experian, eEye Digital Security, GeoTrust, GoDaddy, MarkMonitor, McAfee (MFE), MasterCard, MessageLevel, Microsoft (MSFT), NameProtect, NetIQ (NTIQ), PassMark, RSA Security (RSAS), SAIC, SecureBrain, Sigaba, Symantec (SYMC), Trend Micro (TMIC), Tumbleweed Communications (TMWD), Vasco (VDSI), VeriSign (VRSN), Visa, Visa Canada, Websense, Inc. (WBSN), WholeSecurity, 0Spam.net. |
