Home / News

Criminals Using New Phishing Techniques to Hide from Victims and Investigators, Reports APWG

By CircleID Reporter
  • December 13, 2018, 7:53 pm PST
  • Views: 15,133
  • Add Comment

Most-Targeted Industry Sectors, 3Q 2018 from APWG Phishing Activity Trends ReportAccording to the APWG’s new Phishing Activity Trends Report released today, phishers are using new techniques to carry out their attacks and hide their origins in order to make the most of every phishing campaign. From the report: “Phishers are increasingly using web page redirects as a way of hiding their phishing sites from detection. When victims click on links in phishing emails, redirects take the user on an unwitting journey through other sites before arriving at the phishing site itself. And then once the victim submits his or her credentials, still more redirects make take the victim to yet another domain.”

“The researchers at APWG member PhishLabs have observed that half of all phishing sites now use SSL encryption, which can fool users into thinking that a site is safe to use, for example, by virtue of the green lock symbol that appears in the browser address bar when SSL encryption is enabled. Some of the increase comes from phishers adding HTTP encryption to their phishing sites—a technique that turns a security feature against the victims.”

“Certain top-level domains have notable amounts of phishing in them, both in absolute and relative terms. Some of this phishing is attributable to phishers who register in top-level domains that offer domain names for free.”

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

View All Topics