Number of attacks doubled in second half of year, but dying out in 2010
The Anti Phishing Working Group has released its “Global Phishing Survey: Trends and Domain Name Use 2H2009.” Highlights include:
— The Avalanche phishing gang was behind two-thirds of the 126,697 phishing attacks launched in the second half of last year.
— The uptime of phishing attacks continues to drop because of the response to Avalanche. Avalanche phish have half the up-time as non-Avalanche domains.
— APWG estimated that there were at least 126,697 phishing attacks in the second half of the year and 55,698 attacks in the first half.
— Phishing remains concentrated in just four top level domains: 76 percent of the attacks occurred in .COM, .EU, .NET, and .UK.
— Eighty eight percent of the malicious domain registrations were made in just five top level domains: .BE, .COM, .EU, .NET and .UK.
Avalanche is on the decline though. The report says: “Avalanche domain registrations hit a high in December 2009, but by then Avalanche was hosting fewer and fewer attacks overall. By March 2010, Avalanche was hosting only one phishing attack on each domain it registered, and attacks dwindled to just 59 in the month of April 2010.”
Report here: http://www.antiphishing.org/reports/APWG_GlobalPhishingSurvey_2H2009.pdf