Cybergangs accelerating velocity of targeted brand development

Cybercrime gangs are accelerating their substitution of targeted brands at an alarming new pace, according to a new APWG report.

Of the 681 targets that were phished in 2H 2013, some 324, almost half, were not phished in 1H2013. This is an unusual amount of turnover, and shows phishers trying out new targets at an alarmingly accelerated new tempo.

“Phishers appear to be looking for companies that are newly popular, have vulnerable user bases, and/or are not ready to defend themselves against phishing. From the results of our latest survey, it is obvious that most any enterprise with an online presence can be a phishing target,” said report co-author Greg Aaron of Illumintel.

As if to illustrate the trend toward rapidly expanding phishers’ target base, APWG Research Fellow Gary Warner reported this month phishing attacks using an online survey form against the Irish convenience store and grocery chain CENTRA.

There’s been a continuing explosion of phishing activity in China. Phishers attacking Chinese brands were responsible for 85 percent of the domain names that were registered for specifically for mounting phishing campaigns.

“Malicious domain names — meaning domain names registered by phishers directly, were at an all-time high — nearly twice any prior survey. These domains were largely registered by Chinese phishers to attack Chinese targets but were registered in several TLDs at numerous registrars around the world, making it ever more important for registrars and registries to be on the lookout for fraudulent registration attempts,” said report co-author Rod Rasmussen of IID.

Average uptimes of phishing attacks declined, and were close to historic lows, pointing to successes being routinized by anti-phishing responders and the enduring prevalence of shared virtual server attacks (still some 18 percent of all campaigns) which attract attention and batched take-downs.