Home / News I have a News Tip

Phishers Expand Number of Top Level Domains Abused, Policy Changes Found Effective in Prevention

The new Global Phishing Survey released by the Anti-Phishing Working Group (APWG) this month reveals that phishing gangs are concentrating their efforts within specific top level domains (TLDs), but also that anti-phishing policies and mitigation programs by domain name registrars and registries can have a significant and positive effect.

For this new study, covering the first half of 2008, Rod Rasmussen of Internet Identity and Greg Aaron of Afilias surveyed 47,324 unique phishing attacks located on 26,678 unique domain names. The number of TLDs abused by phishers for their attacks expanded 7 percent from 145 in H2/2007 to 155 in H1/2008. The proportion of Internet-protocol (IP) number-based phishing sites decreased 35 percent in that same period, declining from 18 percent in the second half of 2007 to 13 percent in the first half of 2008.

The full report is available for download here (press release).

Related topics: Cybersecurity, Domain Names, Policy & Regulation, Registry Services, Spam, Top-Level Domains

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Comments

Whois Proxy Correlation? Paul Stahura  –  Nov 25, 2008 1:18 PM PDT

Its interesting that of two TLDs - .biz and .us, which are about the same size and run by the same operator, that .us has a higher score (more phishing) than .biz, while one of the only differences between these two TLDs is the .us does not allow proxy services and .biz does.  There seems to be an inverse correlation - no proxy allowed gets more phishing - which may deserve more investigation.

Paul - that might be within statistical error limits? Suresh Ramasubramanian  –  Nov 27, 2008 3:55 AM PDT

biz and us are certainly far lower down on the list of most abused TLDs than com, cn, info ..

They used to have a much more massive problem earlier, mostly with spam sites - but that seems to have been resolved ages back.

I'm not comparing .biz to .com Paul Stahura  –  Nov 30, 2008 11:24 AM PDT

Its like running an experiement.  Try to keep as many variables constant as you can, so you can see the effect of the single variable you are changing.  .biz and .us have many variables in common, except one major variable: .us does not allow proxy whois registrations, and .us does. Thanks to this report we can compare these two TLDs when it comes to phishing. It was said that proxy whois registrations lead to more phishing.  Comparing these two very similar TLDs shows that apparently that is not the case.

I meant... Paul Stahura  –  Nov 30, 2008 11:25 AM PDT

.us does not allow proxy whois registrations, and .biz (not .us) does.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

DNS Security

Sponsored by Afilias

IP Addressing

Sponsored by Avenue4 LLC

Mobile Internet

Sponsored by Afilias Mobile & Web Services

Cybersecurity

Sponsored by Verisign

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Domain Registrations Reach 331.9 Million, 6.7 Million Growth Year over Year

.brands Spotlight: Banking and Finance Industries

Google Buys Business.Site Domain for 'Google My Business'

Radix Announces Global Web Design Contest, F3.space

Global Domain Name Registrations Reach 330.6 Million, 1.3 Million Growth in First Quarter of 2017

.TECH Gets Its Big Hollywood Break

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

UDRP: Better Late than Never - ICA Applauds WIPO for Removing Misguided 'Retroactive Bad Faith'

The Rise and Fall of the UDRP Theory of 'Retroactive Bad Faith'

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

i2Coalition to Present Tucows CEO Elliot Noss With Internet Community Leadership Award

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016