A record number of brands were targeted by phishers in the second quarter of 2013, according to APWG. A total of 639 unique brands were targeted by phishing attacks in the period, topping the previous high of 614 seen in the fourth quarter of 2012.
The trend indicates that cybercrime gangs are spending time looking for new companies and Internet users to victimize. The total number of unique phishing websites was up slightly, from 118,073 in Q1 to 119,101 in Q2.
“The landscape continues to evolve as fraudsters seek new victims in untapped markets by targeting more brands,” said Ihab Shraim, CISO and Vice President Anti-Fraud Engineering and Operations at MarkMonitor.
The report also documents other shifts in criminal behavior. Russia has traditionally been near the top of the list of countries where phishing websites have been hosted. But in June 2013, phishing on Russian hosting facilities almost disappeared, with Kazakhstan suddenly appearing in the number 2 spot.
A spate of phishing websites hosted in Hong Kong flared and then disappeared in April. And in May, Germany briefly surpassed the United States as the top country hosting websites serving up phishing-based Trojans and downloaders.
“The portability of a phishing infrastructure is well-documented, and criminals continue to attempt to evade detection and shut-downs by moving their infrastructure around,” said Carl Leonard of Websense Security Labs.
The amount of new malware samples continued to rise. In the second quarter of 2013, 12 percent more unique malware samples were identified than in the same period last year, and an increase of 17 percent in 2013. Trojans were the most popular, accounting for 77.2 percent of all new malware created.