The Anti-Phishing Working Group (APWG) has released its Phishing Activity Trends Report report for the second half of 2008. In it, the APWG says there was a tremendous spike in Phishing-related scams that resulted in Malware designed to steal passwords.
APWG releases Phishing report for second half of 2008.(IMG:J.Anderson)
In December of 2008, the APWG recorded 31,173 sites that were linked to Phishing and password-stealing Malware. This is a jump of over 800 percent when compared to the figures from January 2008.
Unique brand-domain pairs rose to a high of 11,006 in October. Shortly after the record rise, the trend tailed off and ended with a 28 percent short in December to 7,885 unique pairs. Brand-domain pairs count the instances of domains being used to target a specific brand.
"The jump in phishing URLs from August to October can be attributed to Phishers preying upon the uncertainty in the financial markets while the drop off in November and December is a seasonal trend," said Blake Hayward, vice president of product marketing at MarkMonitor and APWG Phishing Activity Trends Report contributing analyst.
"The continued rise in targeted brands suggests that Phishers are scaling their operations to conduct multi brand attacks," added Hayward.
Financial Services continued to be the most targeted industry sector during the second half of 2008. In addition, there was an increase in targeted attacks towards social media and networking sites such as MySpace and Facebook.
Payment Services saw the most dramatic change, with an increase of more than 34 percent in the number of attacks from Q3 to Q4 of 2008.
The number of rogue anti-Virus (AV) programs leapt a massive 225 percent from 2,850 in July to 9,287 in December, more than tripling the number of detected rogue AV programs discovered during the summer.
"Rogue anti-Malware applications are not something new," said Luis Corrons, technical director at Panda Labs and APWG Phishing Activity Trends Report contributing analyst. "They have been around for a few years. But it was not until mid-2008 when cybercriminals realized that this form of attack was a great way to obtain fresh money from users."
When you consider the growing number of transit methods used to spread a rogue AV package, such as via Trojans, as well as the seemingly endless variants of rogue AVs, criminals are working hard to overwhelm the legitimate anit-Virus companies.
Adding to this is the ability of certain rogue AV programs to disable authentic anti-Virus software, killing protective processes from some of the larger vendors such as Symantec, Kaspersky, McAfee, and Panda.
"It’s war: cybercriminals vs. anti-Malware companies," added Corrons. "We've been fighting Malware for 20 years, so we know what we have to do. The next step from their side is clear by taking a look at the data from December – they are trying to ‘DDoS’ the antimalware labs."
The full report can be viewed here.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Comment on this Story