Record wave of phishing comes to an ebb in autumn 2016

The Anti-Phishing Working Group reports that the year’s record wave of phishing subsided in the autumn. According to the APWG’s new Phishing Activity Trends Report, the total number of phishing websites detected in the third quarter of 2016 was 364,424, compared with 466,065 in the second quarter — a decline of 25 percent.

The second quarter of the year had the all-time-high number of phishing attacks, and the decline represents a return to more historical norms. The number of attacks detected per month fell from a high of 153,998 in April to 104,349 in August.

“In August and September MarkMonitor detected a significant dip in phishing URLs following record highs in April through July. Volume in the third quarter was comparable with volumes detected over the same period last year,” said APWG contributor Stefanie Ellis.

APWG Senior Research Fellow Greg Aaron observed: “Phishing traditionally ramps up again during the holiday season. We urge online consumers to be alert, and to be careful clicking on links found in emails. When in doubt, type in the name of the site that you wish to visit.”

The report also reveals that the Retail/Service sector,which includes music and e-commerce sites, was the most-attacked, suffering 43 percent of all phishing attacks in the third quarter. Attacks against the Financial sector (composed mainly of banks) increased from 16 percent in Q2 to 21 percent in Q3.

In malware news, the country with the worst malware infection rate was China, where 47 percent of machines were infected. Scandinavian countries Norway, Finland, and Sweden had the lowest infection rates.