A new phishing survey released by the Anti-Phishing Working Group (APWG) reveals that in the second half of 2011, China’s Taobao.com became the world’s most frequently phished brand target, exceeding the previously most-victimized brand, PayPal.
Taobao.com is one of China’s largest e-commerce sites, specializing in business-to-consumer and consumer-to-consumer transactions, similar to eBay and Amazon.
For several years, PayPal had been the world’s most frequent phishing target, due to PayPal’s ubiquity and its popularity with consumers. In 2H2011, there were 18,508 phishing attacks against Taobao.com – 22 percent of all the phishing attacks recorded worldwide. There was also drop in attacks against PayPal.
“Attacks by Chinese phishers have exploded, as they take advantage of China’s stream of new Internet users,” said Greg Aaron of Afilias, one of the report’s co-authors. “But the problem is not limited to China—these phishers use hosting and domain names based in the U.S. and Europe. It’s a reminder that e-crime often requires international solutions. Fortunately there is data-sharing and cooperation happening to combat the problem.”
Globally, for the first time, malicious use of subdomain registration services eclipsed the registration of regular domain names by phishers.
There were 17,390 phishing attacks hosted on subdomain services in the second half of 2011, using 16,664 unique subdomains. This was a 38 percent increase from the 12,574 attacks we recorded in 1H2011.
“This is a clear example of phishers gravitating towards services they can readily abuse,” said Rod Rasmussen, CTO of Internet Identity and the study’s other co-author. “Use of subdomain services is a challenge because only the subdomain providers themselves can effectively mitigate these phish. While many of these services are responsive to complaints, few take proactive measures to keep criminals from abusing their services in the first place.”
Other highlights of the report include:
- In 2H2011, the average uptimes of all phishing attacks dropped notably.
- The number of targeted institutions dropped, as phishers concentrated on larger or more popular targets.
- Malicious domain name registrations are concentrated by domain registrar, and by TLD.
For more details, get the report.