TMCnet News

APWG: eCrime Web Site Longevity Drops
[October 26, 2009]

APWG: eCrime Web Site Longevity Drops


Oct 27, 2009 (Close-Up Media via COMTEX) -- A new phishing survey released by the Anti-Phishing Work Group (APWG) reveals that the longevity of phishing Web sites dropped by 25 percent over the last year.

Uptimes are a vital measure of how damaging phishing attacks are -- the longer a phishing attack remains active, the more victims there can be. The decrease indicates collective progress is being made by the parties that fight phishing, and may be attributable to improved policies and operations at Internet infrastructure providers, brandholders, domain name registrars and registries, and private Internet security providers.

The "Global Phishing Survey: Trends and Domain Name Use in 1H2009" study found that phishing Web site longevity dropped to an average 39 hours in the first half of 2009, down from an average of 52 hours recorded in the second half of 2008.

The survey also revealed that a single criminal syndicate dubbed "Avalanche" was responsible for nearly one quarter of all phishing attacks in the first half of 2009. Indications are that the gang is continuing to claim a larger proportion of all detected phishing attacks.


"We're pleased to see that phishing site lifetimes are being positively affected," said Rod Rasmussen, co-author of the study and CTO of Internet Identity. "In particular, the survey demonstrates how anti-abuse programs at domain registries can have an immediate impact on the problem." "The results also show that on the Internet, action and involvement by responsible parties can really help Internet users," said Greg Aaron, co-author and Director of Domain Security at Afilias. "When everyone takes responsibility and does their part to make it a safer place, good things happen. We think that is what we are seeing in the results of this study, and we'd all like to see more." Other highlights from the report include: - The amount of Internet domain names and numbers used for phishing has remained fairly steady over the past two years.

- Phishing attack and uptime statistics for all top-level domains (TLDs).

- Statistics for phishing perpetrated on hacked Web servers The APWG, founded in 2003 as the Anti-Phishing Working Group, is an industry, law enforcement, and government coalition focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing, and crimeware.

APWG's corporate sponsors are as follows: AT&T, Able NV, Afilias, AhnLab, AVG Technologies, BillMeLater, BBN Technologies, Blue Coat, BlueStreak, BrandMail, BrandProtect, Bsecure Technologies, Check Point Software Technologies, Cisco, Clear Search, Cloudmark, Cyveillance, DigiCert, DigitalEnvoy, DigitalResolve, Digital River, Easy Solutions, eBay/PayPal, Entrust, eEye, Fortinet, FraudWatch International, FrontPorch, F-Secure, Goodmail Systems, GeoTrust, GlobalSign, GoDaddy, Goodmail Systems, GuardID Systems, HomeAway, IronPort, HitachiJoHo, ING Bank, Iconix, Internet Identity, Internet Security Systems, Intuit, IOvation, IronPort, IS3, IT Matrix, Kaspersky Labs, Kindsight, Lenos Software, LightSpeed Systems, MailFrontier, MailShell, MarkMonitor, Marshall8e6, McAfee, MasterCard, MessageLevel, Microsoft, MicroWorld, Mirapoint, MySpace, MyPW, MX Logic, NameProtect, National Australia Bank, Netcraft, NetStar, Network Solutions, NeuStar, Nominum, Panda Software, Phoenix Technologies, Phishme.com, Phorm, Prevx, The Planet, SIDN, SalesForce, Radialpoint, RSA Security, RuleSpace, SecureBrain, Secure Computing, S21sec, Sigaba, SoftForum, Sophos, SquareTrade, SurfControl, SunTrust, Symantec, TDS Telecom, Telefonica, Trend Micro, Tricerion, TriCipher, TrustedID, Tumbleweed Communications, Vasco, VeriSign, Visa, Wal-Mart, Websense and Yahoo!.

((Comments on this story may be sent to [email protected]))

[ Back To TMCnet.com's Homepage ]