"Phishers are breaking into hosting providers with unprecedented success, using these facilities to launch mass phishing attacks," declared representatives from, the Anti-Phishing Working Group (APWG) when they announced key findings from its new survey on Thursday (April 25, 2013).
"Using this method, a phisher hacks into a web server that hosts a large number of domains-a 'shared virtual server'-and plants phishing attacks on every domain name on the server. This allows the phisher to subvert hundreds or even thousands of Web sites at a time," they said in a statement on Thursday. "The number of phishing attacks worldwide rose due to these break-ins, with attacks involving shared virtual servers representing 47 percent of all phishing attacks recorded worldwide in the second half of 2012."
Other key findings form the survey include the following.
* "The average and median uptimes of phishing attacks remained lower than the historical average, averaging 26 hours and 13 minutes in 2H2012, compared to the all-time low of 23 hours and 10 minutes recorded in 1H2012."
* "When phishers register domain names for their scams, a small number of domain name registrars were abused more prevalently than others, relative to their overall domain registration portfolios and their industry peers. Eight of those registrars are located in China."
* "There were at least 123,486 unique phishing attacks worldwide during the study period, found on 89,748 different domain names. Of those domains, the authors reported that 5,835 domain names appeared to be registered maliciously by the phishers. The number of maliciously-registered phishing domains has been in steady decline-down significantly from 7,712 in 1H2012, 12,895 in 2H2011, and 14,650 in 1H2011."
* "The overall use of subdomain services-registration schemes that give customers a subdomain beneath a common domain name-for phishing fell from 14 percent to 8 percent of all attacks."
* "Phishing occurred in 207 top-level domains (TLDs), but 82 percent of the malicious domain registrations were in just three TLDs: .COM, .TK and .INFO."
* "Phishers targeted 611 target institutions, up from 486 in the first half of 2012. Targets include the user of banks, e-commerce sites, social networking services, ISPs, government tax bureaus, online gaming sites and financial securities companies. Paypal was the most targeted institution."
* "Only about 1.4 percent of all domain names that were used for phishing contained a brand name or variation thereof."
Sign up for CIO Asia eNewsletters.