Phishers go after unprecedented breadth of targets

Apple is the most phished brand in the world, accounting for 17 percent of all phishing reports sampled and analyzed from the first half of 2014, say the results of the new Global Phishing Survey released by APWG.

Apple’s brand and associated marques, such as iTunes and iPad, eclipsed perennial phishing target favorite PayPal with the computing device manufacturer enduring 21,951 of the 123,741 phishing reports sampled.

PayPal was the second most phished brand, targeted in 17,811 attacks, or 14.4 percent of the half’s sample. The Chinese marketplace Taobao was third with 16,418 attacks, or 13.2 percent of the sampled attacks.

“As the world’s most valuable brand with a massive on-line user base, Apple has always been a phishing target, and with phishers concentrating more and more on online account takeover, consumers’ Apple ID’s are a tempting target,” said Rod Rasmussen, President and CTO of IID and the survey’s co-author.

“As Apple provides more services and devices tied to one’s Apple ID, including the just announced Apple Pay, it is no surprise that phishers are increasing their efforts to fool consumers into divulging their credentials, regardless of additional security measures Apple puts in place to protect their customers,” Rasmussen said.

The report found cybercrime gangs are aggressively pursuing brand diversity in their online fraud schemes, spoofing and otherwise leveraging the identities of some 756 institutions, the highest number the analysts had yet encountered.

“If a site takes in personal data like passwords or credit card information, then phishers may want to exploit it,” said Greg Aaron, President of Illumintel and the survey’s other co-author. “We’re seeing an unprecedented breadth of targets — cloud storage sites, utility companies, business service providers, and real estate brokerages.”

Of the 87,901 domains used for phishing, the report identified some 22,679 domains, a quarter of the total sample, that the authors believe were registered maliciously by phishers.

The number is primarily due to registrations by Chinese phishers, who prefer cheap (and free) domain name registrations in certain TLDs. The other 65,222 domains were almost all hacked or compromised on vulnerable Web hosting.