Home / Industry

Phishers Beware!

The days of viral phishing are over. Since its inception, phishing, has always been a criminal magnet. It has a low start-up cost and few barriers to entry. At .ORG, Public Interest Registry, we work hard to combat phishing attacks. So much so, phishers have largely stopped registering domains on both .ORG and .INFO. In 2009, phishing reached an all time peak with a shocking number of attacks. In a new report by Boston-based APWG , called the Global Phishing Report, authors Greg Aaron and Rod Rasmussen delve into the attacks of 2009 and highlight the dangers of "phishing gangs."

According to the report, the gravity of phishing attacks which occurred in 2009 is alarming. The number of phishing URLs reported in the second half of 2009 were at about 125,000, more than double the attacks in the first half of the year. Additionally, the attacks occurred on about 30,000 unique domain names. Phish were also detected on over 2,000 unique IP addresses rather than on domain names, and of the 29,000 phishing domains, about 6,400 were registered maliciously by phishers. What's more shocking is that of those 6,400, about 4,100 were registered by one terrible player in the internet space — a dreaded beast called the Avalanche.

To date, Avalanche was one of the most sophisticated and damaging phishing tools on the Internet. It perfected a mass production system for deploying other phishing sites and malware, designed specifically to automate identity theft and facilitate authorized transactions from consumer bank accounts. This application was so vindictive that it was responsible for two-thirds of all attacks launched in the second half of 2009 and was responsible for the overall increase in phishing attacks ever recorded on the Internet.

Phishers are attracted to websites that are rich in registrants. Thus, .ORG has a large number of phish on compromised Web sites. However, .ORG's non-Avalanche phishing times are far below average. So much so, that the great majority of phishing is concentrated in just a few namespaces. In fact, 76% of all phishing occurred in just four TLD's: .COM, .EU, .NET, and .UK.

This informative APWG report thoroughly showcases the risk phishers pose to sites. At PIR, we are always working and advancing our preventative systems and remain committed to blocking phishers from registering on our domains.

Written by Alexa Raad, Chief Executive Officer of Public Interest Registry

About PIR

PIR

Trusted across all ages, backgrounds and nationalities, .ORG is where people turn to find credible information, get involved, fund causes and support advocacy. .ORG, The Public Interest Registry empowers the global noncommercial community to use the Internet more effectively and, concurrently, takes a leadership position among Internet stakeholders on policy and related issues on behalf of the .ORG Community. (Learn More)

Related topics: Cybercrime, DNS, Domain Names, Registry Services, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Adrian Kinderis Appointed as Chair of Domain Name Association

Internet Reaches 271 Million Domain Names in the Fourth Quarter of 2013

Why We Decided to Stop Offering Free Accounts

The Future of Chinese Domain Names (a Panel Discussion)

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Afilias Chairman Appointed to Domain Name Association Board

.BUILD Enters Landrush with Support of ARI Registry Services

Dyn Acquires Managed DNS Provider Nettica

Radix Awards Contracts for .website, .host, .space, and .press to CentralNic plc

Afilias Welcomes "Dot Chinese Online" and "Dot Chinese Website" Top-Level Domains to the Internet

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Joining Forces to Advance Protection Against Growing Diversity of DDoS Attacks

Afilias Welcomes .ONL and .RICH to the Internet

Why Managed DNS Means Secure DNS

Neustar Selected to Continue Administering the .US Domain

The Practicalities of a New Domain Launch

Neustar Launches First Site Under '.Neustar' - Its Own Branded TLD

New Internet Top Level Domain ".One" Goes to Highest Bidder in Historic Auction

Sponsored Topics