Report: Fraudsters Seek New Victims and Brands to Exploit in Untapped Markets
Cybercrime gangs drop co-opted hosting
infrastructure in Russia;
turn focus to Kazakhstan
Mass. – Nov. 6, 2013 – The APWG reports in its new Phishing Activity
Report that a record number of brands were targeted by phishers in the second
quarter of 2013. A total of 639 unique brands were targeted by phishing attacks
in the period, topping the previous high of 614 seen in the fourth quarter of
2012. The trend indicates that cybercrime gangs are spending time looking for
new companies and Internet users to victimize. The total number of unique
phishing websites was up slightly, from 118,073 in Q1 to 119,101 in Q2.
"The landscape continues to evolve as fraudsters seek new victims in
markets by targeting more brands,” said Ihab Shraim, CISO and Vice President
Anti-Fraud Engineering and Operations at MarkMonitor.
The report also documents other shifts in criminal behavior. Russia has
traditionally been near the top of the list of countries where phishing websites
have been hosted. But in June 2013, phishing on Russian hosting facilities
almost disappeared, with Kazakhstan suddenly appearing in the number 2 spot. A
spate of phishing websites hosted in Hong Kong flared and then disappeared in
April. And in May, Germany briefly surpassed the United States as the top
country hosting websites serving up phishing-based Trojans and downloaders.
“The portability of a phishing infrastructure is well-documented, and criminals
continue to attempt to evade detection and shut-downs by moving their
infrastructure around,” said Carl Leonard of Websense Security Labs.
The amount of new malware samples continued to rise. In the second quarter of
2013, 12 percent more unique malware samples were identified than in the same
period last year, and an increase of 17 percent in 2013. Trojans were the most
popular, accounting for 77.2 percent of all new malware created.
The full text of the report is available here:
About the APWG
The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global
industry, law enforcement, and government coalition focused on unifying the
global response to electronic crime. Membership is open to qualified financial
institutions, online retailers, ISPs and Telcos, the law enforcement community,
solutions providers, multi-lateral treaty organizations, research centers, trade
associations and government agencies. There are more than 2,000 companies,
government agencies and NGOs participating in the APWG worldwide. The APWG's
education.apwg.org websites offer the public, industry and government
agencies practical information about phishing and electronically mediated fraud
as well as pointers to pragmatic technical solutions that provide immediate
protection. The APWG is co-founder and co-manager of the STOP. THINK. CONNECT.
Messaging Convention, the global online safety public awareness collaborative
www.stopthinkconnect.org and founder/curator of the eCrime Researchers
Summit, the world’s only peer-reviewed conference dedicated specifically to
electronic crime studies
www.ecrimeresearch.org. APWG.EU, the APWG’s European Union chapter, was
established in October, 2013 as non-profit research foundation headquartered in
Peter Cassidy, +1 617-669-1123