APWG correspondent researchers found that phishing attacks in the first half of 2011 rose to 17,693, up from the 12,282 attacks recorded in the second half of 2010. Chinese cybercriminals established 11,192 unique domain names and 3,629 .CC subdomains for these attacks, up from the 6,382 unique domain names plus 4,737 CO.CC subdomains deployed for such attacks in the second half of 2010.
Unlike most phishers, Chinese phishers do not use many hacked domains. Instead, they continue to register new domains, on which they set up their phishing pages. "The majority of Chinese phishing appears to be perpetrated by Chinese criminals attacking Chinese companies, with 88% of such attacks targeting a single service: Taobao.com," said Greg Aaron, a co-author of the report for Afilias. "With .CN domains difficult for criminals to obtain these days, these phishers had a major impact on other TLDs, where domains and subdomains are often easier and cheaper to obtain."
Cybercrime gangs in the first half of 2011 also optimised a previously obscure tactic, taking over a virtual shared server and leveraging every website on it, massively multiplying the number of landing domains available for phishing attacks. "By utilising hundreds of sites on a web server with a single compromise, phishers can greatly leverage stolen resources to create a wide web of phishing sites," said Rod Rasmussen, President and CTO of Internet Identity and co-author of the report. "This also allows them to spam lures using a wider variety of 'good reputation' domain names which can help evade anti-spam systems. Fortunately, these sites last shorter than others given the level of compromise, so in the end the technique is of dubious efficacy."
The researchers reported that counting 42,448 unique attacks that utilised this tactic, each using a different domain name, representing 37 percent of all phishing attacks worldwide. This large number of domain names accounts for much of the increase in phishing seen versus the second half of 2010.
Though the report found cybercrime gangs advancing on a number of technical fronts, some metrics indicated that cybercrime was being partly suppressed by a number of preventative measures and the application of routinised responses to cybercrime events by industry.
25/01/2012
Report shows 70% of both cybercriminals and targets are Chinese
San Diego, Ca
A new phishing survey released by the Anti-Phishing Working Group (APWG) at its conference has revealed that phishing attacks perpetrated against Chinese e-commerce and banking sites soared by 44 percent in the first half of 2011. Some 70 percent of all maliciously registered domain names in the world were established by Chinese cybercriminals for use against Chinese brands and enterprises.
Global
