Friday, February 10, 2012

Study: 'Phishing' Focuses On Specific Web Domains

November 25, 2008

So-called Internet phishing gangs are concentrating their efforts within specific top level domains (TLDs) but anti-phishing policies and mitigation programs by domain name registrars and registries are having a significant and positive effect, according to a new study by the Anti-Phishing Working Group -- a group that monitors and attempts to decrease the online practice whereby scammers trick users into giving up sensitive information.

For the study, APWG surveyed 47,324 unique phishing attacks located on 26,678 unique domain names. The group found the number of TLDs abused by phishers expanded 7 percent from 145 in the second half of 2007 to 155 in the first half of 2008. The proportion of Internet-protocol number-based phishing sites decreased 35 percent in that same period, declining from 18 percent in the second half of 2007 to 13 percent in the first half of 2008.

“We’re seeing a trend away from fixed IP-based URLs which are readily shut-down to use of more domain based URLs,” said Internet Identity's Rod Rasmussen, co-chair of APWG’s Internet Policy Committee. “Many of these are on compromised servers which already have established ‘good’ reputations, while others are on fraudulently registered domain names supported by botnets or other throw-away hosting resources."

The report finds some correlations between registry policies and the prevalence and duration of phishing activity in their TLDs. APWG researchers’ analysis of phishing site uptime and other metrics showed that anti-phishing policies can help reduce phishing activity. Specifically, the .cn, .info, and .biz TLDs, whose managers have implemented counter-phishing programs, had phishing site uptimes notably below the industry average.

Join the Discussion

The National Journal Group has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.

Comments powered by Disqus

 

Archives

Monthly Archives

Categories

Recent Posts

Recent Comments


Contributors

Juliana Gruenwald

Tech Writer

E-Mail: jgruenwald@nationaljournal.com.


Juliana Gruenwald has been covering tech and telecom issues for more than a decade for National Journal, Interactive Week, BNA and Congressional Quarterly. This is her second stint with National Journal. She was recruited by NJ in 1998 to help launch its first tech policy publication, Technology Daily. She left in 2000 to cover international tech and telecom issues for Ziff Davis Media's Interactive Week magazine. She started her career at United Press International as the wire service's first Helen Thomas Intern. She has a Bachelor of Arts degree from the University of Minnesota. A Minneapolis native, she misses the lakes but not the cold.


Josh Smith

Tech Reporter

E-Mail: joshsmith@nationaljournal.com.


Josh Smith covers technology policy as a staff reporter for National Journal. He previously interned at National Journal Daily, a Senate press office, and the Deseret News in Salt Lake City where he covered the state legislature, courts, and crime. In 2009 he graduated with honors from Southern Utah University after managing an award-winning student newspaper as editor-in-chief. Josh has received state, regional and national awards for his political and policy reporting, including first place in CapitolBeat’s 2009 Best of Statehouse Reporting college competition. A native of drop-dead-gorgeous Utah, Josh lives in Virginia with his wife, Amber.