Home / Industry

New Monthly Fraud Intelligence Report Now Available

MarkMonitor has annonuced that it will be sharing a new, monthly Fraud Intelligence Report with customers and other interested parties. The goal of the report is to provide timely analysis of developing trends and new threats in the fraud landscape. The Fraud Intelligence Report will complement the current MarkMonitor analysis as provided in the semi-annual Brandjacking Index® reports and customer reports.

The headline findings of the April 2010 Fraud Intelligence Report are:

Phishing Attack Volume Continues to Grow

Phishing attack volume increased 33% to 36,557 attacks in April, continuing the growth trend from March; however, phishing attack volume has not returned to the level seen in April 2009.

Fewer Organizations Targeted

The number of targeted organizations decreased 9% to 270 in April, reversing a growth trend that began after December 2009, but the current level has returned to the level seen in April 2009.

Attacks per Organization Grow

Monthly attacks per organization grew 27% to 135 in April, suggesting a return to concentrated attacks on lucrative targets.

Payment Services Sector Continues as Most Popular Phishing Sector

The Payment Services sector was the primary sector favored by phishers, accounting for 41% of phish attacks in April. The Financial sector, historically the most popular phishing sector, accounted for 33% of phish attacks.

Social Network Phish Volume Declines

Phish targeting social networks declined 24% to 1,379 attacks in April, reversing the steep growth observed in March.

The US Continues to be Most Popular Phish Hosting Country

The US continued as the predominant country hosting phishing sites, accounting for 52% of phishing attacks in April. A notable new development was that Bulgaria grew almost 9,600% to jump from the #47 position to #2 and accounted for 6% of total phish.

An important major trend underlying the above points is that phishers have shifted their primary attack vector from fast-flux botnets to hacked websites. Phishing attacks hosted on fast-flux botnets hide behind a cloud of rapidly changing proxies but ultimately present a single point of failure — the malicious domain. Cybercriminals registered domains for multiple fast-flux phishing attacks targeting many brands. But these domains, and the multiple phishing attacks they hosted, could be detected (often preemptively), Fraudcasted, and shut down in high volumes.

In the meantime, hacked website-based phishing attacks became more prevalent. In these attacks, cybercriminals compromise legitimate domains and host their phish attacks on the subdomains. This effectively removes the single point of failure in fast-flux phishing attacks — now there is no malicious domain to detect, Fraudcast, and shut down. From the fourth quarter of 2009 onwards, the MarkMonitor Security Operations Center observed a dramatic decline in phishing attacks hosted on fast-flux botnets and an equally dramatic rise in phishing attacks hosted on hacked websites.

Download the report here: MarkMonitor Fraud Intelligence Report, April 2010

MarkMonitor

About MarkMonitor – MarkMonitor®, the world leader in enterprise brand protection uses a SaaS delivery model to provide advanced technology and expertise that protects the revenues and reputations of the world's leading brands. Learn More

Related topics: Cybercrime, Cybersecurity, Cybersquatting, Domain Names, Spam

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper

Verisign

Cybersecurity

Sponsored by Verisign
Afilias

DNS Security

Sponsored by Afilias
Afilias Mobile & Web Services

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

UDRP: Better Late than Never - ICA Applauds WIPO for Removing Misguided 'Retroactive Bad Faith'

The Rise and Fall of the UDRP Theory of 'Retroactive Bad Faith'

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

8 Tips to Find Your Perfect .COM Domain Name