TMCnet News
APWG Cybercrime Report: Number of Phishing Reports Surged Though Q4 2011CAMBRIDGE, Mass. --(Business Wire)-- The APWG reports in its H2 2011 Phishing Activity Trends Report released this week that the number of unique phishing reports submitted to the organization rose substantially from early fall through the end of the year, while cybercrime gangs were apparently forced to work harder and smarter to fool increasingly fraud-savvy consumers into falling for their confidence schemes. The number of unique phishing reports submitted to the APWG during H2 2011 climbed to a high of 32,979 in December, some 19 percent lower than the all-time high of 40,621 reports recorded in August 2009. "As expected, during the second half of 2011, phishing attack campaigns continued to increase as we approached the holiday season," said Ihab Shraim, CISO and VP, AntiFraud Operations and Engineering, MarkMonitor and Trends Report contributing analyst. "We detected 23 percent more phishing attacks in the second half of 2011 than we saw in the first half of 2011." However, the techniques used to obscure the true source of those phishing communications changed markedly over the half, as cybercrime gangs apparently had to work harder to fool consumers into falling for their scams. Carl Leonard, a Trends Report contributing analyst from Websense Security Labs said, "Over the last half of 2011 there was a visible trend of phishers and scammers seeking to hide their intentions. Even fewer phishing websites are using the oh-so-obvious IP host to host their fake login pages, instead preferring to host on a compromised domain. "There has been a 16 percent drop in the number of phishing URLs containing the spoofed company name in the URL. These combined trends show how phishers are adapting to users becoming more informed and knowledgeable about the traits of a typical phish," Leonard said. Meanwhile, Trends Report contributors observed a substantial increase in the distribution of Trojan programs used by cybercrime gangs to animate their data-stealing schemes on users' PCs and mobile devices. Luis Corrons, PandaLabs Technical Director and APWG Trends Report contributing analyst, said the growth of Trojans, in fact, were substantial during the half, growing to 73 percent of all malware sampled by the end of 2011, up from 60 percent in 2009 and 56 percent in 2010. Corrons added that all other malware categories have lost ground with respect to Trojans during H2 2011. The focus for many cybercrime technology developers in H2 2011 has been on malware targeting mobile devices, according to Websense's Leonard.
The full text of the report is available here: http://apwg.org/reports/apwg_trends_report_h2_2011.pdf Other highlights of the report include: ? Trojan malware has continued to proliferate, becoming the dominant technology of choice for e-criminals. ? During the second half of 2011, phishing attacks increased as the holiday season approached. There were 23 percent more phishing attacks than in the first half of 2011. ? Financial Services continued to be the most-targeted industry sector in the second half of 2011. ? During the six-month period, most phishing-based Trojans were hosted in the USA. ? From July to December 2011, 14 million new malware samples were recorded, making a total of 26 million new malware samples in 2011. ? Some 39 percent of the world's PCs are infected with malware of some type. Chinese PCs are infected more frequently than anywhere in the world, while Europe has the lowest infection rate. About the APWG The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide. The APWG's <www.apwg.org> and <education.apwg.org= websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the Stop. Think. Connect. Messaging Convention, the global online safety public awareness collaborative <www.stopthinkconnect.org> and founder/curator of the eCrime Researchers Summit, the world's only peer-reviewed conference dedicated specifically to electronic crime studies <www.ecrimeresearch.org>. Among APWG's corporate sponsors are as follows: Afilias Ltd., AhnLab, AT&T(T), Avast!, AVG Technologies, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Booz Allen Hamilton, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, Check Point Software (News - Alert) Technologies , Comcast, CSIRTBANELCO, Cyber Defender, Cyveillance, Domain Tools, Easy Solutions, eBay/PayPal (EBAY), eCert, EC Cert, ESET, EST Soft, Facebook, Fortinet, FraudWatch International, F-Secure (News - Alert), GlobalSign, GoDaddy, Google, GroupIB, Hauri, HitachiJoHo, Huawei Symantec, ICANN, Iconix, IID, IronPort, ING Bank, Intuit, IT Matrix, Kindsight, LaCaixa, Lenos Software, MailShell, MarkMonitor, M86Security, McAfee (MFE), Melbourne IT, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar (News - Alert), Nominet, Nominum, Public Interest Registry, Panda Software, Phishlabs, Phishme.com, Phorm, Planty.net, Prevx, Proofpoint, Return Path , RSA Security (EMC (News - Alert)), RuleSpace , SAIC (From Science to Solutions), SalesForce, SecureBrain, S21sec, SIDN, SoftForum, SoftLayer, SoftSecurity, SunTrust, SurfControl, Symantec (SYMC), Tagged, TDS Telecom, Telefonica (News - Alert) (TEF), TransCreditBank, Trend Micro (TMIC), Vasco (VDSI), VeriSign (VRSN), Websense Inc. (WBSN), Wombat Security Technologies, Yahoo! (YHOO), zvelo and ZYNGA.
|
